gluu
公開メンバ関数 | 静的公開メンバ関数 | 静的公開変数類 | 限定公開変数類 | 全メンバ一覧
org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest クラス
org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest の継承関係図
Inheritance graph
org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest 連携図
Collaboration graph

公開メンバ関数

void requestParameterMethod1 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethod2 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethod3 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethod4 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethod5 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethod6 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodRS256 (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodRS384 (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodRS512 (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodES256 (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodES384 (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodES512 (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodRS256X509Cert (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodRS384X509Cert (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodRS512X509Cert (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodES256X509Cert (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodES384X509Cert (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodES512X509Cert (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String jwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodFail1 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri)
 
void requestParameterMethodFail2 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri)
 
void requestParameterMethodFail3 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri)
 
void requestParameterMethodFail4 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri)
 
void requestFileMethod (final String userId, final String userSecret, final String redirectUris, final String redirectUri, @Optional final String requestFileBasePath, final String requestFileBaseUrl, final String sectorIdentifierUri) throws Exception
 
void requestFileMethodFail1 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String sectorIdentifierUri)
 
void requestFileMethodFail2 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, final String requestFileBaseUrl, final String sectorIdentifierUri)
 
void requestFileMethodFail3 (final String userId, final String userSecret, final String redirectUris, final String redirectUri, @Optional final String requestFileBasePath, final String requestFileBaseUrl, final String sectorIdentifierUri) throws Exception
 
void requestParameterMethodAlgNone (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri)
 
void requestParameterMethodAlgRSAOAEPEncA256GCM (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri)
 
void requestParameterMethodAlgRSA15EncA128CBCPLUSHS256 (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri)
 
void requestParameterMethodAlgRSA15EncA256CBCPLUSHS512 (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri)
 
void requestParameterMethodAlgA128KWEncA128GCM (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri)
 
void requestParameterMethodAlgA256KWEncA256GCM (final String userId, final String userSecret, final String redirectUri, final String redirectUris, final String sectorIdentifierUri)
 
void initTestSuite (ITestContext context) throws FileNotFoundException, IOException
 
WebDriver getDriver ()
 
void setDriver (WebDriver driver)
 
String getAuthorizationEndpoint ()
 
void setAuthorizationEndpoint (String authorizationEndpoint)
 
String getTokenEndpoint ()
 
void setTokenEndpoint (String tokenEndpoint)
 
String getUserInfoEndpoint ()
 
void setUserInfoEndpoint (String userInfoEndpoint)
 
String getClientInfoEndpoint ()
 
void setClientInfoEndpoint (String clientInfoEndpoint)
 
String getCheckSessionIFrame ()
 
void setCheckSessionIFrame (String checkSessionIFrame)
 
String getEndSessionEndpoint ()
 
void setEndSessionEndpoint (String endSessionEndpoint)
 
String getJwksUri ()
 
void setJwksUri (String jwksUri)
 
String getRegistrationEndpoint ()
 
void setRegistrationEndpoint (String registrationEndpoint)
 
String getIntrospectionEndpoint ()
 
void setIntrospectionEndpoint (String p_introspectionEndpoint)
 
Map< String, List< String > > getScopeToClaimsMapping ()
 
void setScopeToClaimsMapping (Map< String, List< String >> p_scopeToClaimsMapping)
 
String getIdGenEndpoint ()
 
void setIdGenEndpoint (String p_idGenEndpoint)
 
String getConfigurationEndpoint ()
 
void setConfigurationEndpoint (String configurationEndpoint)
 
void startSelenium ()
 
void stopSelenium ()
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies, boolean useNewDriver)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies, boolean useNewDriver, int authzSteps)
 
AuthorizationResponse authenticateResourceOwnerAndDenyAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
 
AuthorizationResponse authorizationRequestAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
AuthorizationResponse authorizationRequestAndDenyAccess (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
AuthorizationResponse authenticateResourceOwner (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)
 
String waitForResourceOwnerAndGrantLoginForm (String authorizeUrl, AuthorizationRequest authorizationRequest, boolean cleanupCookies)
 
String waitForResourceOwnerAndGrantLoginForm (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
void discovery (ITestContext context) throws Exception
 
void showTitle (String title)
 
void showTitle (String title)
 
void showEntity (String entity)
 
void showResponse (String title, Response response)
 

静的公開メンバ関数

static void showClient (BaseClient client)
 
static void showClient (BaseClient client, CookieStore cookieStore)
 
static void showClientUserAgent (BaseClient client)
 
static void assertErrorResponse (BaseResponseWithErrors p_response, IErrorType p_errorType)
 
static DefaultHttpClient createHttpClient ()
 
static DefaultHttpClient createHttpClient (HostnameVerifierType p_verifierType)
 
static ClientExecutor clientExecutor () throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static ClientExecutor clientExecutor (boolean trustAll) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static HttpClient createHttpClientTrustAll () throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static void showResponse (String title, Response response, Object entity)
 
static void fails (Throwable e)
 
static void output (String p_msg)
 
static Archive<?> createDeployment ()
 

静的公開変数類

static FileConfiguration testData
 

限定公開変数類

WebDriver driver
 
String authorizationEndpoint
 
String authorizationPageEndpoint
 
String gluuConfigurationEndpoint
 
String tokenEndpoint
 
String userInfoEndpoint
 
String clientInfoEndpoint
 
String checkSessionIFrame
 
String endSessionEndpoint
 
String jwksUri
 
String registrationEndpoint
 
String configurationEndpoint
 
String idGenEndpoint
 
String introspectionEndpoint
 
Map< String, List< String > > scopeToClaimsMapping
 

詳解

Functional tests for OpenID Request Object (HTTP)

著者
Javier Rojas Blum
バージョン
May 30, 2018

関数詳解

◆ assertErrorResponse()

static void org.xdi.oxauth.BaseTest.assertErrorResponse ( BaseResponseWithErrors  p_response,
IErrorType  p_errorType 
)
inlinestaticinherited
787  {
788  assertEquals(p_response.getStatus(), 400, "Unexpected response code. Entity: " + p_response.getEntity());
789  assertNotNull(p_response.getEntity(), "The entity is null");
790  assertEquals(p_response.getErrorType(), p_errorType);
791  assertTrue(StringUtils.isNotBlank(p_response.getErrorDescription()));
792  }
org.xdi.oxauth.client.BaseResponseWithErrors.getErrorType
T getErrorType()
Definition: BaseResponseWithErrors.java:48
org.xdi.oxauth.client.BaseResponse.getEntity
String getEntity()
Definition: BaseResponse.java:85
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.BaseResponseWithErrors.getErrorDescription
String getErrorDescription()
Definition: BaseResponseWithErrors.java:40

◆ authenticateResourceOwner()

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwner ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) No authorization page.

556  {
557  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
558 
559  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
560  authorizeClient.setRequest(authorizationRequest);
561 
562  System.out.println("authenticateResourceOwner: authorizationRequestUrl:" + authorizationRequestUrl);
563  startSelenium();
564  if (cleanupCookies) {
565  System.out.println("authenticateResourceOwner: Cleaning cookies");
566  deleteAllCookies();
567  }
568 // try {
569  driver.navigate().to(authorizationRequestUrl);
570 // } catch (WebDriverException ex) {
571 // if (ex.getCause() instanceof ScriptException) {
572 // System.out.println("authenticateResourceOwner: Script error: " + ex.getMessage());
573 // } else {
574 // throw ex;
575 // }
576 // }
577 
578  if (userSecret != null) {
579  if (userId != null) {
580  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
581  usernameElement.sendKeys(userId);
582  }
583 
584  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
585  passwordElement.sendKeys(userSecret);
586 
587  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
588 
589  loginButton.click();
590  }
591 
592  String authorizationResponseStr = driver.getCurrentUrl();
593 
594  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
595  String sessionState = null;
596  if (sessionStateCookie != null) {
597  sessionState = sessionStateCookie.getValue();
598  }
599  System.out.println("authenticateResourceOwner: sessionState:" + sessionState);
600 
601  stopSelenium();
602 
603  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
604  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
605  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
606  }
607  authorizeClient.setResponse(authorizationResponse);
608  showClientUserAgent(authorizeClient);
609 
610  return authorizationResponse;
611  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.deleteAllCookies
void deleteAllCookies()
Definition: BaseTest.java:661
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authenticateResourceOwnerAndDenyAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndDenyAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret 
)
inlineinherited
408  {
409  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
410 
411  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
412  authorizeClient.setRequest(authorizationRequest);
413 
414  System.out.println("authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:" + authorizationRequestUrl);
415  startSelenium();
416  driver.navigate().to(authorizationRequestUrl);
417 
418  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
419  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
420  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
421 
422  if (userId != null) {
423  usernameElement.sendKeys(userId);
424  }
425  passwordElement.sendKeys(userSecret);
426  loginButton.click();
427 
428  String authorizationResponseStr = driver.getCurrentUrl();
429 
430  WebElement doNotAllowButton = driver.findElement(By.id(authorizeFormDoNotAllowButton));
431 
432  final String previousURL = driver.getCurrentUrl();
433  doNotAllowButton.click();
434  WebDriverWait wait = new WebDriverWait(driver, 10);
435  wait.until(new ExpectedCondition<Boolean>() {
436  public Boolean apply(WebDriver d) {
437  return (d.getCurrentUrl() != previousURL);
438  }
439  });
440 
441  authorizationResponseStr = driver.getCurrentUrl();
442 
443  Cookie sessionIdCookie = driver.manage().getCookieNamed("session_id");
444  String sessionId = null;
445  if (sessionIdCookie != null) {
446  sessionId = sessionIdCookie.getValue();
447  }
448  System.out.println("authenticateResourceOwnerAndDenyAccess: sessionId:" + sessionId);
449 
450  stopSelenium();
451 
452  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
453  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
454  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
455  }
456  authorizationResponse.setSessionId(sessionId);
457  authorizeClient.setResponse(authorizationResponse);
458  showClientUserAgent(authorizeClient);
459 
460  return authorizationResponse;
461  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.AuthorizationResponse.setSessionId
void setSessionId(String p_sessionId)
Definition: AuthorizationResponse.java:212
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authenticateResourceOwnerAndGrantAccess() [1/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

253  {
254  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, true);
255  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [2/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

262  {
263  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, cleanupCookies, false);
264  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [3/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies,
boolean  useNewDriver 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

272  {
273  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, cleanupCookies, useNewDriver, 1);
274  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [4/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies,
boolean  useNewDriver,
int  authzSteps 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

282  {
283  WebDriver currentDriver = initWebDriver(useNewDriver, cleanupCookies);
284 
285  AuthorizeClient authorizeClient = processAuthentication(currentDriver, authorizeUrl, authorizationRequest,
286  userId, userSecret);
287 
288  int remainAuthzSteps = authzSteps;
289 
290  String authorizationResponseStr = null;
291  do {
292  authorizationResponseStr = acceptAuthorization(currentDriver);
293  remainAuthzSteps--;
294  } while (remainAuthzSteps >= 1);
295 
296  AuthorizationResponse authorizationResponse = buildAuthorizationResponse(authorizationRequest, useNewDriver,
297  currentDriver, authorizeClient, authorizationResponseStr);
298 
299  stopWebDriver(useNewDriver, currentDriver);
300 
301  return authorizationResponse;
302  }
org.xdi.oxauth.BaseTest.buildAuthorizationResponse
AuthorizationResponse buildAuthorizationResponse(AuthorizationRequest authorizationRequest, boolean useNewDriver, WebDriver currentDriver, AuthorizeClient authorizeClient, String authorizationResponseStr)
Definition: BaseTest.java:387
org.xdi.oxauth.BaseTest.acceptAuthorization
String acceptAuthorization(WebDriver currentDriver)
Definition: BaseTest.java:358
org.xdi.oxauth.BaseTest.processAuthentication
AuthorizeClient processAuthentication(WebDriver currentDriver, String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:330
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.BaseTest.initWebDriver
WebDriver initWebDriver(boolean useNewDriver, boolean cleanupCookies)
Definition: BaseTest.java:304
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.BaseTest.stopWebDriver
void stopWebDriver(boolean useNewDriver, WebDriver currentDriver)
Definition: BaseTest.java:321

◆ authorizationRequestAndDenyAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authorizationRequestAndDenyAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited
509  {
510  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
511 
512  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
513  authorizeClient.setRequest(authorizationRequest);
514 
515  System.out.println("authorizationRequestAndDenyAccess: authorizationRequestUrl:" + authorizationRequestUrl);
516  startSelenium();
517  driver.navigate().to(authorizationRequestUrl);
518 
519  WebElement doNotAllowButton = driver.findElement(By.id(authorizeFormDoNotAllowButton));
520 
521  final String previousURL = driver.getCurrentUrl();
522  doNotAllowButton.click();
523  WebDriverWait wait = new WebDriverWait(driver, 10);
524  wait.until(new ExpectedCondition<Boolean>() {
525  public Boolean apply(WebDriver d) {
526  return (d.getCurrentUrl() != previousURL);
527  }
528  });
529 
530  String authorizationResponseStr = driver.getCurrentUrl();
531 
532  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
533  String sessionState = null;
534  if (sessionStateCookie != null) {
535  sessionState = sessionStateCookie.getValue();
536  }
537  System.out.println("authorizationRequestAndDenyAccess: sessionState:" + sessionState);
538 
539  stopSelenium();
540 
541  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
542  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
543  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
544  }
545  authorizeClient.setResponse(authorizationResponse);
546  showClientUserAgent(authorizeClient);
547 
548  return authorizationResponse;
549  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authorizationRequestAndGrantAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authorizationRequestAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited
464  {
465  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
466 
467  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
468  authorizeClient.setRequest(authorizationRequest);
469 
470  System.out.println("authorizationRequestAndGrantAccess: authorizationRequestUrl:" + authorizationRequestUrl);
471  startSelenium();
472  driver.navigate().to(authorizationRequestUrl);
473 
474  String authorizationResponseStr = driver.getCurrentUrl();
475 
476  WebElement allowButton = driver.findElement(By.id(authorizeFormAllowButton));
477 
478  final String previousURL = driver.getCurrentUrl();
479  allowButton.click();
480  WebDriverWait wait = new WebDriverWait(driver, 10);
481  wait.until(new ExpectedCondition<Boolean>() {
482  public Boolean apply(WebDriver d) {
483  return (d.getCurrentUrl() != previousURL);
484  }
485  });
486 
487  authorizationResponseStr = driver.getCurrentUrl();
488 
489  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
490  String sessionState = null;
491  if (sessionStateCookie != null) {
492  sessionState = sessionStateCookie.getValue();
493  }
494  System.out.println("authorizationRequestAndGrantAccess: sessionState:" + sessionState);
495 
496  stopSelenium();
497 
498  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
499  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
500  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
501  }
502  authorizeClient.setResponse(authorizationResponse);
503  showClientUserAgent(authorizeClient);
504 
505  return authorizationResponse;
506  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783
org.xdi.oxauth.BaseTest.authorizeFormAllowButton
String authorizeFormAllowButton
Definition: BaseTest.java:91

◆ clientExecutor() [1/2]

static ClientExecutor org.xdi.oxauth.BaseTest.clientExecutor ( ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
822  {
823  return clientExecutor(false);
824  }
org.xdi.oxauth.BaseTest.clientExecutor
static ClientExecutor clientExecutor()
Definition: BaseTest.java:822

◆ clientExecutor() [2/2]

static ClientExecutor org.xdi.oxauth.BaseTest.clientExecutor ( boolean  trustAll) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
826  {
827  if (trustAll) {
828  return new ApacheHttpClient4Executor(createHttpClientTrustAll());
829  }
830  return ClientRequest.getDefaultExecutor();
831  }
org.xdi.oxauth.BaseTest.createHttpClientTrustAll
static HttpClient createHttpClientTrustAll()
Definition: BaseTest.java:833

◆ createDeployment()

static Archive<?> org.xdi.oxauth.ConfigurableTest.createDeployment ( )
inlinestaticinherited
40  {
41  return Deployments.createDeployment();
42  }

◆ createHttpClient() [1/2]

static DefaultHttpClient org.xdi.oxauth.BaseTest.createHttpClient ( )
inlinestaticinherited
794  {
795  return createHttpClient(HostnameVerifierType.DEFAULT);
796  }
org.xdi.oxauth.BaseTest.createHttpClient
static DefaultHttpClient createHttpClient()
Definition: BaseTest.java:794

◆ createHttpClient() [2/2]

static DefaultHttpClient org.xdi.oxauth.BaseTest.createHttpClient ( HostnameVerifierType  p_verifierType)
inlinestaticinherited
798  {
799  if (p_verifierType != null && p_verifierType != HostnameVerifierType.DEFAULT) {
800  switch (p_verifierType) {
801  case ALLOW_ALL:
802  HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
803 
804  DefaultHttpClient client = new DefaultHttpClient();
805 
806  SchemeRegistry registry = new SchemeRegistry();
807  SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
808  socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
809  registry.register(new Scheme("https", socketFactory, 443));
810  SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
811 
812  // Set verifier
813  HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
814  return new DefaultHttpClient(mgr, client.getParams());
815  case DEFAULT:
816  return new DefaultHttpClient();
817  }
818  }
819  return new DefaultHttpClient();
820  }

◆ createHttpClientTrustAll()

static HttpClient org.xdi.oxauth.BaseTest.createHttpClientTrustAll ( ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
833  {
834  SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() {
835  @Override
836  public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
837  return true;
838  }
839  }, new AllowAllHostnameVerifier());
840 
841  SchemeRegistry registry = new SchemeRegistry();
842  registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory()));
843  registry.register(new Scheme("https", 443, sf));
844  ClientConnectionManager ccm = new PoolingClientConnectionManager(registry);
845  return new DefaultHttpClient(ccm);
846  }

◆ discovery()

void org.xdi.oxauth.BaseTest.discovery ( ITestContext  context) throws Exception
inlineinherited
670  {
671  // Load Form Interaction
672  loginFormUsername = context.getCurrentXmlTest().getParameter("loginFormUsername");
673  loginFormPassword = context.getCurrentXmlTest().getParameter("loginFormPassword");
674  loginFormLoginButton = context.getCurrentXmlTest().getParameter("loginFormLoginButton");
675  authorizeFormAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormAllowButton");
676  authorizeFormDoNotAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormDoNotAllowButton");
677 
678  String resource = context.getCurrentXmlTest().getParameter("swdResource");
679 
680  if (StringUtils.isNotBlank(resource)) {
681 
682  showTitle("OpenID Connect Discovery");
683 
684  OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(resource);
685  OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec(clientExecutor(true));
686 
687  showClient(openIdConnectDiscoveryClient);
688  assertEquals(openIdConnectDiscoveryResponse.getStatus(), 200, "Unexpected response code");
689  assertNotNull(openIdConnectDiscoveryResponse.getSubject());
690  assertTrue(openIdConnectDiscoveryResponse.getLinks().size() > 0);
691 
692  configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() +
693  "/.well-known/openid-configuration";
694 
695  System.out.println("OpenID Connect Configuration");
696 
697  OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
698  client.setExecutor(clientExecutor(true));
699  OpenIdConfigurationResponse response = client.execOpenIdConfiguration();
700 
701  showClient(client);
702  assertEquals(response.getStatus(), 200, "Unexpected response code");
703  assertNotNull(response.getIssuer(), "The issuer is null");
704  assertNotNull(response.getAuthorizationEndpoint(), "The authorizationEndpoint is null");
705  assertNotNull(response.getTokenEndpoint(), "The tokenEndpoint is null");
706  assertNotNull(response.getUserInfoEndpoint(), "The userInfoEndPoint is null");
707  assertNotNull(response.getJwksUri(), "The jwksUri is null");
708  assertNotNull(response.getRegistrationEndpoint(), "The registrationEndpoint is null");
709 
710  assertTrue(response.getScopesSupported().size() > 0, "The scopesSupported is empty");
711  assertTrue(response.getScopeToClaimsMapping().size() > 0, "The scope to claims mapping is empty");
712  assertTrue(response.getResponseTypesSupported().size() > 0, "The responseTypesSupported is empty");
713  assertTrue(response.getGrantTypesSupported().size() > 0, "The grantTypesSupported is empty");
714  assertTrue(response.getAcrValuesSupported().size() >= 0, "The acrValuesSupported is empty");
715  assertTrue(response.getSubjectTypesSupported().size() > 0, "The subjectTypesSupported is empty");
716  assertTrue(response.getIdTokenSigningAlgValuesSupported().size() > 0, "The idTokenSigningAlgValuesSupported is empty");
717  assertTrue(response.getRequestObjectSigningAlgValuesSupported().size() > 0, "The requestObjectSigningAlgValuesSupported is empty");
718  assertTrue(response.getTokenEndpointAuthMethodsSupported().size() > 0, "The tokenEndpointAuthMethodsSupported is empty");
719  assertTrue(response.getClaimsSupported().size() > 0, "The claimsSupported is empty");
720 
721  authorizationEndpoint = response.getAuthorizationEndpoint();
722  tokenEndpoint = response.getTokenEndpoint();
723  userInfoEndpoint = response.getUserInfoEndpoint();
724  clientInfoEndpoint = response.getClientInfoEndpoint();
725  checkSessionIFrame = response.getCheckSessionIFrame();
726  endSessionEndpoint = response.getEndSessionEndpoint();
727  jwksUri = response.getJwksUri();
728  registrationEndpoint = response.getRegistrationEndpoint();
729  idGenEndpoint = response.getIdGenerationEndpoint();
730  introspectionEndpoint = response.getIntrospectionEndpoint();
731  scopeToClaimsMapping = response.getScopeToClaimsMapping();
732  gluuConfigurationEndpoint = determineGluuConfigurationEndpoint(openIdConnectDiscoveryResponse.getLinks().get(0).getHref());
733  } else {
734  showTitle("Loading configuration endpoints from properties file");
735 
736  authorizationEndpoint = context.getCurrentXmlTest().getParameter("authorizationEndpoint");
737  tokenEndpoint = context.getCurrentXmlTest().getParameter("tokenEndpoint");
738  userInfoEndpoint = context.getCurrentXmlTest().getParameter("userInfoEndpoint");
739  clientInfoEndpoint = context.getCurrentXmlTest().getParameter("clientInfoEndpoint");
740  checkSessionIFrame = context.getCurrentXmlTest().getParameter("checkSessionIFrame");
741  endSessionEndpoint = context.getCurrentXmlTest().getParameter("endSessionEndpoint");
742  jwksUri = context.getCurrentXmlTest().getParameter("jwksUri");
743  registrationEndpoint = context.getCurrentXmlTest().getParameter("registrationEndpoint");
744  configurationEndpoint = context.getCurrentXmlTest().getParameter("configurationEndpoint");
745  idGenEndpoint = context.getCurrentXmlTest().getParameter("idGenEndpoint");
746  introspectionEndpoint = context.getCurrentXmlTest().getParameter("introspectionEndpoint");
747  scopeToClaimsMapping = new HashMap<String, List<String>>();
748  }
749 
750  authorizationPageEndpoint = determineAuthorizationPageEndpoint(authorizationEndpoint);
751  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIntrospectionEndpoint
String getIntrospectionEndpoint()
Definition: OpenIdConfigurationResponse.java:343
org.xdi.oxauth.client.OpenIdConfigurationResponse.getTokenEndpointAuthMethodsSupported
List< String > getTokenEndpointAuthMethodsSupported()
Definition: OpenIdConfigurationResponse.java:642
org.xdi.oxauth.BaseTest.determineAuthorizationPageEndpoint
String determineAuthorizationPageEndpoint(String authorizationEndpoint)
Definition: BaseTest.java:753
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.OpenIdConfigurationResponse.getRegistrationEndpoint
String getRegistrationEndpoint()
Definition: OpenIdConfigurationResponse.java:310
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77
org.xdi.oxauth.client.OpenIdConfigurationResponse.getCheckSessionIFrame
String getCheckSessionIFrame()
Definition: OpenIdConfigurationResponse.java:248
org.xdi.oxauth.BaseTest.authorizationPageEndpoint
String authorizationPageEndpoint
Definition: BaseTest.java:73
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIdGenerationEndpoint
String getIdGenerationEndpoint()
Definition: OpenIdConfigurationResponse.java:327
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.OpenIdConfigurationResponse.getRequestObjectSigningAlgValuesSupported
List< String > getRequestObjectSigningAlgValuesSupported()
Definition: OpenIdConfigurationResponse.java:579
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82
org.xdi.oxauth.client.OpenIdConfigurationResponse.getSubjectTypesSupported
List< String > getSubjectTypesSupported()
Definition: OpenIdConfigurationResponse.java:438
org.xdi.oxauth.client.OpenIdConfigurationResponse.getEndSessionEndpoint
String getEndSessionEndpoint()
Definition: OpenIdConfigurationResponse.java:268
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.OpenIdConfigurationResponse.getAcrValuesSupported
List< String > getAcrValuesSupported()
Definition: OpenIdConfigurationResponse.java:418
org.xdi.oxauth.client.OpenIdConfigurationResponse.getClientInfoEndpoint
String getClientInfoEndpoint()
Definition: OpenIdConfigurationResponse.java:228
org.xdi.oxauth.client.OpenIdConfigurationResponse.getGrantTypesSupported
List< String > getGrantTypesSupported()
Definition: OpenIdConfigurationResponse.java:398
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78
org.xdi.oxauth.client.BaseClient.setExecutor
void setExecutor(ClientExecutor executor)
Definition: BaseClient.java:84
org.xdi.oxauth.client.OpenIdConfigurationClient.execOpenIdConfiguration
OpenIdConfigurationResponse execOpenIdConfiguration()
Definition: OpenIdConfigurationClient.java:47
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.BaseTest.gluuConfigurationEndpoint
String gluuConfigurationEndpoint
Definition: BaseTest.java:74
org.xdi.oxauth.client.OpenIdConfigurationResponse.getScopeToClaimsMapping
Map< String, List< String > > getScopeToClaimsMapping()
Definition: OpenIdConfigurationResponse.java:136
org.xdi.oxauth.client.OpenIdConfigurationResponse.getJwksUri
String getJwksUri()
Definition: OpenIdConfigurationResponse.java:289
org.xdi.oxauth.client.OpenIdConfigurationResponse.getTokenEndpoint
String getTokenEndpoint()
Definition: OpenIdConfigurationResponse.java:192
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIdTokenSigningAlgValuesSupported
List< String > getIdTokenSigningAlgValuesSupported()
Definition: OpenIdConfigurationResponse.java:519
org.xdi.oxauth.client.OpenIdConnectDiscoveryClient
Definition: OpenIdConnectDiscoveryClient.java:29
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.OpenIdConfigurationResponse.getResponseTypesSupported
List< String > getResponseTypesSupported()
Definition: OpenIdConfigurationResponse.java:378
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse.getSubject
String getSubject()
Definition: OpenIdConnectDiscoveryResponse.java:32
org.xdi.oxauth.client.OpenIdConfigurationResponse.getScopesSupported
List< String > getScopesSupported()
Definition: OpenIdConfigurationResponse.java:360
org.xdi.oxauth.BaseTest.determineGluuConfigurationEndpoint
String determineGluuConfigurationEndpoint(String host)
Definition: BaseTest.java:757
org.xdi.oxauth.client.OpenIdConnectDiscoveryClient.exec
OpenIdConnectDiscoveryResponse exec()
Definition: OpenIdConnectDiscoveryClient.java:47
org.xdi.oxauth.client.OpenIdConfigurationResponse.getAuthorizationEndpoint
String getAuthorizationEndpoint()
Definition: OpenIdConfigurationResponse.java:174
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.OpenIdConfigurationClient
Definition: OpenIdConfigurationClient.java:27
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse.getLinks
List< WebFingerLink > getLinks()
Definition: OpenIdConnectDiscoveryResponse.java:40
org.xdi.oxauth.client.OpenIdConfigurationResponse.getClaimsSupported
List< String > getClaimsSupported()
Definition: OpenIdConfigurationResponse.java:728
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse
Definition: OpenIdConnectDiscoveryResponse.java:17
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.OpenIdConfigurationResponse.getUserInfoEndpoint
String getUserInfoEndpoint()
Definition: OpenIdConfigurationResponse.java:210
org.xdi.oxauth.client.OpenIdConfigurationResponse
Definition: OpenIdConfigurationResponse.java:26
org.xdi.oxauth.BaseTest.clientExecutor
static ClientExecutor clientExecutor()
Definition: BaseTest.java:822
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85
org.xdi.oxauth.BaseTest.authorizeFormAllowButton
String authorizeFormAllowButton
Definition: BaseTest.java:91
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIssuer
String getIssuer()
Definition: OpenIdConfigurationResponse.java:156

◆ fails()

static void org.xdi.oxauth.BaseTest.fails ( Throwable  e)
inlinestaticinherited
50  {
51  Assert.fail(e.getMessage(), e);
52  }

◆ getAuthorizationEndpoint()

String org.xdi.oxauth.BaseTest.getAuthorizationEndpoint ( )
inlineinherited
134  {
135  return authorizationEndpoint;
136  }
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72

◆ getCheckSessionIFrame()

String org.xdi.oxauth.BaseTest.getCheckSessionIFrame ( )
inlineinherited
166  {
167  return checkSessionIFrame;
168  }
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78

◆ getClientInfoEndpoint()

String org.xdi.oxauth.BaseTest.getClientInfoEndpoint ( )
inlineinherited
158  {
159  return clientInfoEndpoint;
160  }
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77

◆ getConfigurationEndpoint()

String org.xdi.oxauth.BaseTest.getConfigurationEndpoint ( )
inlineinherited
222  {
223  return configurationEndpoint;
224  }
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82

◆ getDriver()

WebDriver org.xdi.oxauth.BaseTest.getDriver ( )
inlineinherited
126  {
127  return driver;
128  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ getEndSessionEndpoint()

String org.xdi.oxauth.BaseTest.getEndSessionEndpoint ( )
inlineinherited
174  {
175  return endSessionEndpoint;
176  }
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79

◆ getIdGenEndpoint()

String org.xdi.oxauth.BaseTest.getIdGenEndpoint ( )
inlineinherited
214  {
215  return idGenEndpoint;
216  }
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83

◆ getIntrospectionEndpoint()

String org.xdi.oxauth.BaseTest.getIntrospectionEndpoint ( )
inlineinherited
198  {
199  return introspectionEndpoint;
200  }
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84

◆ getJwksUri()

String org.xdi.oxauth.BaseTest.getJwksUri ( )
inlineinherited
182  {
183  return jwksUri;
184  }
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80

◆ getRegistrationEndpoint()

String org.xdi.oxauth.BaseTest.getRegistrationEndpoint ( )
inlineinherited
190  {
191  return registrationEndpoint;
192  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81

◆ getScopeToClaimsMapping()

Map<String, List<String> > org.xdi.oxauth.BaseTest.getScopeToClaimsMapping ( )
inlineinherited
206  {
207  return scopeToClaimsMapping;
208  }
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85

◆ getTokenEndpoint()

String org.xdi.oxauth.BaseTest.getTokenEndpoint ( )
inlineinherited
142  {
143  return tokenEndpoint;
144  }
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75

◆ getUserInfoEndpoint()

String org.xdi.oxauth.BaseTest.getUserInfoEndpoint ( )
inlineinherited
150  {
151  return userInfoEndpoint;
152  }
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76

◆ initTestSuite()

void org.xdi.oxauth.BaseTest.initTestSuite ( ITestContext  context) throws FileNotFoundException, IOException
inlineinherited
95  {
96  SecurityProviderUtility.installBCProvider();
97 
98  Reporter.log("Invoked init test suite method \n", true);
99 
100  String propertiesFile = context.getCurrentXmlTest().getParameter("propertiesFile");
101  if (StringHelper.isEmpty(propertiesFile)) {
102  propertiesFile = "target/test-classes/testng.properties";
103  //propertiesFile = "U:\\own\\project\\git\\oxAuth\\Client\\src\\test\\resources\\testng_yuriy.properties";
104  //propertiesFile = "/Users/JAVIER/IdeaProjects/oxAuth/Client/target/test-classes/testng.properties";
105  }
106 
107  FileInputStream conf = new FileInputStream(propertiesFile);
108  Properties prop = new Properties();
109  prop.load(conf);
110 
111  Map<String, String> parameters = new HashMap<String, String>();
112  for (Entry<Object, Object> entry : prop.entrySet()) {
113  Object key = entry.getKey();
114  Object value = entry.getValue();
115 
116  if (StringHelper.isEmptyString(key) || StringHelper.isEmptyString(value)) {
117  continue;
118  }
119  parameters.put(key.toString(), value.toString());
120  }
121 
122  // Overrided test paramters
123  context.getSuite().getXmlSuite().setParameters(parameters);
124  }

◆ output()

static void org.xdi.oxauth.BaseTest.output ( String  p_msg)
inlinestaticinherited
54  {
55  System.out.println(p_msg);
56  }

◆ requestFileMethod()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestFileMethod ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
@Optional final String  requestFileBasePath,
final String  requestFileBaseUrl,
final String  sectorIdentifierUri 
) throws Exception
inline
1770  {
1771  showTitle("requestFileMethod");
1772 
1773  if (StringHelper.isEmpty(requestFileBasePath)) {
1774  return;
1775  }
1776 
1777  List<ResponseType> responseTypes = Arrays.asList(
1778  ResponseType.TOKEN,
1779  ResponseType.ID_TOKEN);
1780 
1781  // 1. Register client
1782  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1783  StringUtils.spaceSeparatedToList(redirectUris));
1784  registerRequest.setResponseTypes(responseTypes);
1785  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1786 
1787  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1788  registerClient.setRequest(registerRequest);
1789  RegisterResponse registerResponse = registerClient.exec();
1790 
1791  showClient(registerClient);
1792  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1793  assertNotNull(registerResponse.getClientId());
1794  assertNotNull(registerResponse.getClientSecret());
1795  assertNotNull(registerResponse.getRegistrationAccessToken());
1796  assertNotNull(registerResponse.getClientIdIssuedAt());
1797  assertNotNull(registerResponse.getClientSecretExpiresAt());
1798 
1799  String clientId = registerResponse.getClientId();
1800  String clientSecret = registerResponse.getClientSecret();
1801 
1802  // 2. Request Authorization
1803  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
1804 
1805  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1806  String nonce = UUID.randomUUID().toString();
1807  String state = UUID.randomUUID().toString();
1808 
1809  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1810  authorizationRequest.setState(state);
1811 
1812  try {
1813  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
1814  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1815  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1816  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1817  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1818  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1819  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1820  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1821  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1822  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1823  String hash = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(authJwt));
1824  String fileName = UUID.randomUUID().toString() + ".txt";
1825  String filePath = requestFileBasePath + File.separator + fileName;
1826  String fileUrl = requestFileBaseUrl + "/" + fileName;// + "#" + hash;
1827  FileWriter fw = new FileWriter(filePath);
1828  BufferedWriter bw = new BufferedWriter(fw);
1829  bw.write(authJwt);
1830  bw.close();
1831  fw.close();
1832  authorizationRequest.setRequestUri(fileUrl);
1833  System.out.println("Request JWT: " + authJwt);
1834  System.out.println("Request File Path: " + filePath);
1835  System.out.println("Request File URL: " + fileUrl);
1836  } catch (IOException e) {
1837  e.printStackTrace();
1838  fail(e.getMessage());
1839  } catch (NoSuchAlgorithmException e) {
1840  e.printStackTrace();
1841  fail(e.getMessage());
1842  } catch (NoSuchProviderException e) {
1843  e.printStackTrace();
1844  fail(e.getMessage());
1845  }
1846 
1847  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1848  authorizeClient.setRequest(authorizationRequest);
1849 
1850  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
1851  authorizationEndpoint, authorizationRequest, userId, userSecret);
1852 
1853  assertNotNull(authorizationResponse.getLocation(), "The location is null");
1854  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
1855  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
1856  assertNotNull(authorizationResponse.getState(), "The state is null");
1857  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.util.JwtUtil
Definition: JwtUtil.java:38
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.model.util.JwtUtil.getMessageDigestSHA256
static byte [] getMessageDigestSHA256(String data)
Definition: JwtUtil.java:69
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.AuthorizationRequest.setRequestUri
void setRequestUri(String requestUri)
Definition: AuthorizationRequest.java:379
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestFileMethodFail1()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestFileMethodFail1 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
)
inline
1863  {
1864  try {
1865  showTitle("requestFileMethodFail1");
1866 
1867  List<ResponseType> responseTypes = Arrays.asList(
1868  ResponseType.TOKEN,
1869  ResponseType.ID_TOKEN);
1870 
1871  // 1. Register client
1872  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1873  StringUtils.spaceSeparatedToList(redirectUris));
1874  registerRequest.setResponseTypes(responseTypes);
1875  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1876 
1877  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1878  registerClient.setRequest(registerRequest);
1879  RegisterResponse registerResponse = registerClient.exec();
1880 
1881  showClient(registerClient);
1882  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1883  assertNotNull(registerResponse.getClientId());
1884  assertNotNull(registerResponse.getClientSecret());
1885  assertNotNull(registerResponse.getRegistrationAccessToken());
1886  assertNotNull(registerResponse.getClientIdIssuedAt());
1887  assertNotNull(registerResponse.getClientSecretExpiresAt());
1888 
1889  String clientId = registerResponse.getClientId();
1890 
1891  // 2. Request Authorization
1892  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1893  String nonce = UUID.randomUUID().toString();
1894  String state = UUID.randomUUID().toString();
1895 
1896  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1897  authorizationRequest.setState(state);
1898  authorizationRequest.setAuthUsername(userId);
1899  authorizationRequest.setAuthPassword(userSecret);
1900 
1901  authorizationRequest.setRequest("FAKE_REQUEST");
1902  authorizationRequest.setRequestUri("FAKE_REQUEST_URI");
1903 
1904  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1905  authorizeClient.setRequest(authorizationRequest);
1906  AuthorizationResponse response = authorizeClient.exec();
1907 
1908  showClient(authorizeClient);
1909  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
1910  assertNotNull(response.getLocation(), "The location is null");
1911  assertNotNull(response.getErrorType(), "The error type is null");
1912  assertNotNull(response.getErrorDescription(), "The error description is null");
1913  assertNotNull(response.getState(), "The state is null");
1914  } catch (Exception e) {
1915  fail(e.getMessage(), e);
1916  }
1917  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.AuthorizationRequest.setRequestUri
void setRequestUri(String requestUri)
Definition: AuthorizationRequest.java:379
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestFileMethodFail2()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestFileMethodFail2 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  requestFileBaseUrl,
final String  sectorIdentifierUri 
)
inline
1923  {
1924  try {
1925  showTitle("requestFileMethodFail2");
1926 
1927  List<ResponseType> responseTypes = Arrays.asList(
1928  ResponseType.TOKEN,
1929  ResponseType.ID_TOKEN);
1930 
1931  // 1. Register client
1932  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1933  StringUtils.spaceSeparatedToList(redirectUris));
1934  registerRequest.setResponseTypes(responseTypes);
1935  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1936 
1937  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1938  registerClient.setRequest(registerRequest);
1939  RegisterResponse registerResponse = registerClient.exec();
1940 
1941  showClient(registerClient);
1942  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1943  assertNotNull(registerResponse.getClientId());
1944  assertNotNull(registerResponse.getClientSecret());
1945  assertNotNull(registerResponse.getRegistrationAccessToken());
1946  assertNotNull(registerResponse.getClientIdIssuedAt());
1947  assertNotNull(registerResponse.getClientSecretExpiresAt());
1948 
1949  String clientId = registerResponse.getClientId();
1950 
1951  // 2. Authorization Request
1952  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1953  String nonce = UUID.randomUUID().toString();
1954  String state = UUID.randomUUID().toString();
1955 
1956  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1957  authorizationRequest.setState(state);
1958  authorizationRequest.setAuthUsername(userId);
1959  authorizationRequest.setAuthPassword(userSecret);
1960 
1961  authorizationRequest.setRequestUri(requestFileBaseUrl + "/FAKE_REQUEST_URI");
1962 
1963  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1964  authorizeClient.setRequest(authorizationRequest);
1965  AuthorizationResponse response = authorizeClient.exec();
1966 
1967  showClient(authorizeClient);
1968  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
1969  assertNotNull(response.getLocation(), "The location is null");
1970  // assertNotNull(response.getErrorType(), "The error type is null");
1971  // assertNotNull(response.getErrorDescription(), "The error description is null");
1972  assertNotNull(response.getState(), "The state is null");
1973  } catch (Exception e) {
1974  fail(e.getMessage(), e);
1975  }
1976  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.AuthorizationRequest.setRequestUri
void setRequestUri(String requestUri)
Definition: AuthorizationRequest.java:379
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestFileMethodFail3()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestFileMethodFail3 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
@Optional final String  requestFileBasePath,
final String  requestFileBaseUrl,
final String  sectorIdentifierUri 
) throws Exception
inline
1982  {
1983  showTitle("requestFileMethodFail3");
1984 
1985  if (StringHelper.isEmpty(requestFileBasePath)) {
1986  return;
1987  }
1988 
1989  List<ResponseType> responseTypes = Arrays.asList(
1990  ResponseType.TOKEN,
1991  ResponseType.ID_TOKEN);
1992 
1993  // 1. Register client
1994  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1995  StringUtils.spaceSeparatedToList(redirectUris));
1996  registerRequest.setResponseTypes(responseTypes);
1997  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1998 
1999  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2000  registerClient.setRequest(registerRequest);
2001  RegisterResponse registerResponse = registerClient.exec();
2002 
2003  showClient(registerClient);
2004  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
2005  assertNotNull(registerResponse.getClientId());
2006  assertNotNull(registerResponse.getClientSecret());
2007  assertNotNull(registerResponse.getRegistrationAccessToken());
2008  assertNotNull(registerResponse.getClientIdIssuedAt());
2009  assertNotNull(registerResponse.getClientSecretExpiresAt());
2010 
2011  String clientId = registerResponse.getClientId();
2012  String clientSecret = registerResponse.getClientSecret();
2013 
2014  // 2. Authorization Request
2015  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
2016 
2017  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2018  String nonce = UUID.randomUUID().toString();
2019  String state = UUID.randomUUID().toString();
2020 
2021  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2022  authorizationRequest.setState(state);
2023  authorizationRequest.setAuthUsername(userId);
2024  authorizationRequest.setAuthPassword(userSecret);
2025  authorizationRequest.getPrompts().add(Prompt.NONE);
2026 
2027  try {
2028  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
2029  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
2030  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
2031  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
2032  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
2033  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
2034  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
2035  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
2036  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
2037  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
2038  String hash = "INVALID_HASH";
2039  String fileName = UUID.randomUUID().toString() + ".txt";
2040  String filePath = requestFileBasePath + File.separator + fileName;
2041  String fileUrl = requestFileBaseUrl + "/" + fileName + "#" + hash;
2042  FileWriter fw = new FileWriter(filePath);
2043  BufferedWriter bw = new BufferedWriter(fw);
2044  bw.write(authJwt);
2045  bw.close();
2046  fw.close();
2047  authorizationRequest.setRequestUri(fileUrl);
2048  System.out.println("Request JWT: " + authJwt);
2049  System.out.println("Request File Path: " + filePath);
2050  System.out.println("Request File URL: " + fileUrl);
2051  } catch (IOException e) {
2052  e.printStackTrace();
2053  fail(e.getMessage());
2054  }
2055 
2056  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2057  authorizeClient.setRequest(authorizationRequest);
2058  AuthorizationResponse response = authorizeClient.exec();
2059 
2060  showClient(authorizeClient);
2061  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
2062  assertNotNull(response.getLocation(), "The location is null");
2063  assertNotNull(response.getErrorType(), "The error type is null");
2064  assertNotNull(response.getErrorDescription(), "The error description is null");
2065  assertNotNull(response.getState(), "The state is null");
2066  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.AuthorizationRequest.setRequestUri
void setRequestUri(String requestUri)
Definition: AuthorizationRequest.java:379
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethod1()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethod1 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
55  {
56  showTitle("requestParameterMethod1");
57 
58  List<ResponseType> responseTypes = Arrays.asList(
59  ResponseType.TOKEN,
60  ResponseType.ID_TOKEN);
61 
62  // 1. Register client
63  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
64  StringUtils.spaceSeparatedToList(redirectUris));
65  registerRequest.setResponseTypes(responseTypes);
66  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
67 
68  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
69  registerClient.setRequest(registerRequest);
70  RegisterResponse registerResponse = registerClient.exec();
71 
72  showClient(registerClient);
73  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
74  assertNotNull(registerResponse.getClientId());
75  assertNotNull(registerResponse.getClientSecret());
76  assertNotNull(registerResponse.getRegistrationAccessToken());
77  assertNotNull(registerResponse.getClientIdIssuedAt());
78  assertNotNull(registerResponse.getClientSecretExpiresAt());
79 
80  String clientId = registerResponse.getClientId();
81  String clientSecret = registerResponse.getClientSecret();
82 
83  // 2. Request authorization
84  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
85 
86  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
87  String nonce = UUID.randomUUID().toString();
88  String state = UUID.randomUUID().toString();
89 
90  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
91  authorizationRequest.setState(state);
92 
93  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
94  authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
95  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
96  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
97  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
98  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
99  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
100  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
101  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
102  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
103  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
104  authorizationRequest.setRequest(authJwt);
105 
106  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
107  authorizationEndpoint, authorizationRequest, userId, userSecret);
108 
109  assertNotNull(authorizationResponse.getLocation(), "The location is null");
110  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
111  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
112  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
113  assertNotNull(authorizationResponse.getState(), "The state is null");
114 
115  String accessToken = authorizationResponse.getAccessToken();
116 
117  // 3. Request user info
118  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
119  UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
120 
121  showClient(userInfoClient);
122  assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
123  assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
124  assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
125  assertNotNull(userInfoResponse.getClaim(JwtClaimName.GIVEN_NAME));
126  assertNotNull(userInfoResponse.getClaim(JwtClaimName.FAMILY_NAME));
127  assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL));
128  assertNotNull(userInfoResponse.getClaim(JwtClaimName.ZONEINFO));
129  assertNotNull(userInfoResponse.getClaim(JwtClaimName.LOCALE));
130  assertNotNull(userInfoResponse.getClaim(JwtClaimName.ADDRESS));
131  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethod2()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethod2 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
137  {
138  showTitle("requestParameterMethod2");
139 
140  List<ResponseType> responseTypes = Arrays.asList(
141  ResponseType.TOKEN,
142  ResponseType.ID_TOKEN);
143 
144  // 1. Register client
145  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
146  StringUtils.spaceSeparatedToList(redirectUris));
147  registerRequest.setResponseTypes(responseTypes);
148  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
149 
150  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
151  registerClient.setRequest(registerRequest);
152  RegisterResponse registerResponse = registerClient.exec();
153 
154  showClient(registerClient);
155  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
156  assertNotNull(registerResponse.getClientId());
157  assertNotNull(registerResponse.getClientSecret());
158  assertNotNull(registerResponse.getRegistrationAccessToken());
159  assertNotNull(registerResponse.getClientIdIssuedAt());
160  assertNotNull(registerResponse.getClientSecretExpiresAt());
161 
162  String clientId = registerResponse.getClientId();
163  String clientSecret = registerResponse.getClientSecret();
164 
165  // 2. Request authorization
166  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
167 
168  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
169  String nonce = UUID.randomUUID().toString();
170  String state = UUID.randomUUID().toString();
171 
172  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
173  authorizationRequest.setState(state);
174 
175  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
176  authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
177  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
178  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
179  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
180  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
181  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
182  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
183  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
184  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
185  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
186  authorizationRequest.setRequest(authJwt);
187 
188  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
189  authorizationEndpoint, authorizationRequest, userId, userSecret);
190 
191  assertNotNull(authorizationResponse.getLocation(), "The location is null");
192  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
193  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
194  assertNotNull(authorizationResponse.getState(), "The state is null");
195 
196  String accessToken = authorizationResponse.getAccessToken();
197 
198  // 3. Request user info
199  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
200  UserInfoResponse response2 = userInfoClient.execUserInfo(accessToken);
201 
202  showClient(userInfoClient);
203  assertEquals(response2.getStatus(), 200, "Unexpected response code: " + response2.getStatus());
204  assertNotNull(response2.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
205  assertNotNull(response2.getClaim(JwtClaimName.NAME));
206  assertNotNull(response2.getClaim(JwtClaimName.GIVEN_NAME));
207  assertNotNull(response2.getClaim(JwtClaimName.FAMILY_NAME));
208  assertNotNull(response2.getClaim(JwtClaimName.EMAIL));
209  assertNotNull(response2.getClaim(JwtClaimName.ZONEINFO));
210  assertNotNull(response2.getClaim(JwtClaimName.LOCALE));
211  assertNotNull(response2.getClaim(JwtClaimName.ADDRESS));
212  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethod3()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethod3 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
218  {
219  showTitle("requestParameterMethod3");
220 
221  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
222 
223  // 1. Register client
224  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
225  StringUtils.spaceSeparatedToList(redirectUris));
226  registerRequest.setResponseTypes(responseTypes);
227  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
228 
229  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
230  registerClient.setRequest(registerRequest);
231  RegisterResponse registerResponse = registerClient.exec();
232 
233  showClient(registerClient);
234  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
235  assertNotNull(registerResponse.getClientId());
236  assertNotNull(registerResponse.getClientSecret());
237  assertNotNull(registerResponse.getRegistrationAccessToken());
238  assertNotNull(registerResponse.getClientIdIssuedAt());
239  assertNotNull(registerResponse.getClientSecretExpiresAt());
240 
241  String clientId = registerResponse.getClientId();
242  String clientSecret = registerResponse.getClientSecret();
243 
244  // 2. Request authorization
245  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
246 
247  List<String> scopes = Arrays.asList("openid");
248  String state = "STATE0";
249 
250  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
251  authorizationRequest.setState(state);
252 
253  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
254  authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
255  jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
256  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
257  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
258  authorizationRequest.setRequest(authJwt);
259 
260  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
261  authorizationEndpoint, authorizationRequest, userId, userSecret);
262 
263  assertNotNull(authorizationResponse.getLocation(), "The location is null");
264  assertNotNull(authorizationResponse.getCode(), "The code is null");
265  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethod4()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethod4 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
271  {
272  showTitle("requestParameterMethod4");
273 
274  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
275 
276  // 1. Register client
277  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
278  StringUtils.spaceSeparatedToList(redirectUris));
279  registerRequest.setResponseTypes(responseTypes);
280  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
281 
282  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
283  registerClient.setRequest(registerRequest);
284  RegisterResponse registerResponse = registerClient.exec();
285 
286  showClient(registerClient);
287  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
288  assertNotNull(registerResponse.getClientId());
289  assertNotNull(registerResponse.getClientSecret());
290  assertNotNull(registerResponse.getRegistrationAccessToken());
291  assertNotNull(registerResponse.getClientIdIssuedAt());
292  assertNotNull(registerResponse.getClientSecretExpiresAt());
293 
294  String clientId = registerResponse.getClientId();
295  String clientSecret = registerResponse.getClientSecret();
296 
297  // 2. Request authorization
298  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
299 
300  List<String> scopes = Arrays.asList("openid");
301  String state = UUID.randomUUID().toString();
302  String nonce = UUID.randomUUID().toString();
303 
304  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
305  authorizationRequest.setState(state);
306 
307  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
308  authorizationRequest, SignatureAlgorithm.HS384, clientSecret, cryptoProvider);
309  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.SUBJECT_IDENTIFIER, ClaimValue.createSingleValue(userId)));
310  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
311  authorizationRequest.setRequest(authJwt);
312 
313  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
314  authorizationEndpoint, authorizationRequest, userId, userSecret);
315 
316  assertNotNull(authorizationResponse.getLocation(), "The location is null");
317  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
318  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
319  assertNotNull(authorizationResponse.getState(), "The state is null");
320  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS384
HS384
Definition: SignatureAlgorithm.java:24
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethod5()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethod5 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
326  {
327  showTitle("requestParameterMethod5");
328 
329  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
330 
331  // 1. Register client
332  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
333  StringUtils.spaceSeparatedToList(redirectUris));
334  registerRequest.setResponseTypes(responseTypes);
335  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
336 
337  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
338  registerClient.setRequest(registerRequest);
339  RegisterResponse registerResponse = registerClient.exec();
340 
341  showClient(registerClient);
342  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
343  assertNotNull(registerResponse.getClientId());
344  assertNotNull(registerResponse.getClientSecret());
345  assertNotNull(registerResponse.getRegistrationAccessToken());
346  assertNotNull(registerResponse.getClientIdIssuedAt());
347  assertNotNull(registerResponse.getClientSecretExpiresAt());
348 
349  String clientId = registerResponse.getClientId();
350  String clientSecret = registerResponse.getClientSecret();
351 
352  // 2. Request authorization
353  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
354 
355  List<String> scopes = Arrays.asList("openid");
356  String state = UUID.randomUUID().toString();
357  String nonce = UUID.randomUUID().toString();
358 
359  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
360  authorizationRequest.setState(state);
361 
362  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
363  authorizationRequest, SignatureAlgorithm.HS512, clientSecret, cryptoProvider);
364  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.SUBJECT_IDENTIFIER, ClaimValue.createSingleValue(userId)));
365  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
366  authorizationRequest.setRequest(authJwt);
367 
368  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
369  authorizationEndpoint, authorizationRequest, userId, userSecret);
370 
371  assertNotNull(authorizationResponse.getLocation(), "The location is null");
372  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
373  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
374  assertNotNull(authorizationResponse.getState(), "The state is null");
375  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS512
HS512
Definition: SignatureAlgorithm.java:25
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethod6()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethod6 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
381  {
382  showTitle("requestParameterMethod6");
383 
384  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
385 
386  // 1. Register client
387  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
388  StringUtils.spaceSeparatedToList(redirectUris));
389  registerRequest.setResponseTypes(responseTypes);
390  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
391  registerRequest.setClaims(Arrays.asList(
392  JwtClaimName.NAME));
393 
394  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
395  registerClient.setRequest(registerRequest);
396  RegisterResponse registerResponse = registerClient.exec();
397 
398  showClient(registerClient);
399  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
400  assertNotNull(registerResponse.getClientId());
401  assertNotNull(registerResponse.getClientSecret());
402  assertNotNull(registerResponse.getRegistrationAccessToken());
403  assertNotNull(registerResponse.getClientIdIssuedAt());
404  assertNotNull(registerResponse.getClientSecretExpiresAt());
405 
406  String clientId = registerResponse.getClientId();
407  String clientSecret = registerResponse.getClientSecret();
408 
409  // 2. Request authorization
410  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
411 
412  List<String> scopes = Arrays.asList("openid");
413  String nonce = UUID.randomUUID().toString();
414  String state = UUID.randomUUID().toString();
415 
416  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
417  authorizationRequest.setState(state);
418 
419  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
420  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
421  jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createEssential(true)));
422  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
423  authorizationRequest.setRequest(authJwt);
424 
425  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
426  authorizationEndpoint, authorizationRequest, userId, userSecret);
427 
428  assertNotNull(authorizationResponse.getLocation(), "The location is null");
429  assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
430  assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
431  assertNotNull(authorizationResponse.getState(), "The state is null");
432 
433  String accessToken = authorizationResponse.getAccessToken();
434 
435  // 3. Request user info
436  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
437  UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
438 
439  showClient(userInfoClient);
440  assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
441  assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
442  assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
443  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.RegisterRequest.setClaims
void setClaims(List< String > claims)
Definition: RegisterRequest.java:903
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.client.RegisterResponse.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: RegisterResponse.java:189
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodAlgA128KWEncA128GCM()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodAlgA128KWEncA128GCM ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  sectorIdentifierUri 
)
inline
2452  {
2453  try {
2454  showTitle("requestParameterMethodAlgA128KWEncA128GCM");
2455 
2456  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
2457 
2458  // 1. Dynamic Client Registration
2459  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2460  StringUtils.spaceSeparatedToList(redirectUris));
2461  registerRequest.setResponseTypes(responseTypes);
2462  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2463  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2464 
2465  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2466  registerClient.setRequest(registerRequest);
2467  RegisterResponse response = registerClient.exec();
2468 
2469  showClient(registerClient);
2470  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
2471  assertNotNull(response.getClientId());
2472  assertNotNull(response.getClientSecret());
2473  assertNotNull(response.getRegistrationAccessToken());
2474  assertNotNull(response.getClientSecretExpiresAt());
2475 
2476  String clientId = response.getClientId();
2477  String clientSecret = response.getClientSecret();
2478 
2479  // 2. Request authorization
2480  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2481  String nonce = UUID.randomUUID().toString();
2482  String state = UUID.randomUUID().toString();
2483 
2484  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2485  request.setState(state);
2486  request.setAuthUsername(userId);
2487  request.setAuthPassword(userSecret);
2488  request.getPrompts().add(Prompt.NONE);
2489 
2490  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
2491  request, KeyEncryptionAlgorithm.A128KW, BlockEncryptionAlgorithm.A128GCM, clientSecret);
2492  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
2493  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
2494  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
2495  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
2496  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
2497  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
2498  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
2499  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
2500  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
2501  request.setRequest(authJwt);
2502 
2503  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2504  authorizeClient.setRequest(request);
2505  AuthorizationResponse response1 = authorizeClient.exec();
2506 
2507  showClient(authorizeClient);
2508  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
2509  assertNotNull(response1.getLocation(), "The location is null");
2510  assertNotNull(response1.getAccessToken(), "The accessToken is null");
2511  assertNotNull(response1.getTokenType(), "The tokenType is null");
2512  assertNotNull(response1.getIdToken(), "The idToken is null");
2513  assertNotNull(response1.getState(), "The state is null");
2514 
2515  String accessToken = response1.getAccessToken();
2516 
2517  // 3. Request user info
2518  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
2519  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
2520 
2521  showClient(userInfoClient);
2522  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
2523  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
2524  assertNotNull(response3.getClaim(JwtClaimName.NAME));
2525  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
2526  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
2527  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
2528  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
2529  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
2530  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
2531  } catch (Exception e) {
2532  fail(e.getMessage(), e);
2533  }
2534  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm
Definition: KeyEncryptionAlgorithm.java:12
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm.A128KW
A128KW
Definition: KeyEncryptionAlgorithm.java:16
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm
Definition: BlockEncryptionAlgorithm.java:12
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm.A128GCM
A128GCM
Definition: BlockEncryptionAlgorithm.java:16
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodAlgA256KWEncA256GCM()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodAlgA256KWEncA256GCM ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  sectorIdentifierUri 
)
inline
2540  {
2541  try {
2542  showTitle("requestParameterMethodAlgA256KWEncA256GCM");
2543 
2544  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
2545 
2546  // 1. Dynamic Client Registration
2547  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2548  StringUtils.spaceSeparatedToList(redirectUris));
2549  registerRequest.setResponseTypes(responseTypes);
2550  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2551  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2552 
2553  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2554  registerClient.setRequest(registerRequest);
2555  RegisterResponse response = registerClient.exec();
2556 
2557  showClient(registerClient);
2558  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
2559  assertNotNull(response.getClientId());
2560  assertNotNull(response.getClientSecret());
2561  assertNotNull(response.getRegistrationAccessToken());
2562  assertNotNull(response.getClientSecretExpiresAt());
2563 
2564  String clientId = response.getClientId();
2565  String clientSecret = response.getClientSecret();
2566 
2567  // 2. Request authorization
2568  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2569  String nonce = UUID.randomUUID().toString();
2570  String state = UUID.randomUUID().toString();
2571 
2572  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2573  request.setState(state);
2574  request.setAuthUsername(userId);
2575  request.setAuthPassword(userSecret);
2576  request.getPrompts().add(Prompt.NONE);
2577 
2578  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
2579  request, KeyEncryptionAlgorithm.A256KW, BlockEncryptionAlgorithm.A256GCM, clientSecret);
2580  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
2581  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
2582  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
2583  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
2584  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
2585  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
2586  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
2587  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
2588  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
2589  request.setRequest(authJwt);
2590 
2591  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2592  authorizeClient.setRequest(request);
2593  AuthorizationResponse response1 = authorizeClient.exec();
2594 
2595  showClient(authorizeClient);
2596  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
2597  assertNotNull(response1.getLocation(), "The location is null");
2598  assertNotNull(response1.getAccessToken(), "The accessToken is null");
2599  assertNotNull(response1.getTokenType(), "The tokenType is null");
2600  assertNotNull(response1.getIdToken(), "The idToken is null");
2601  assertNotNull(response1.getState(), "The state is null");
2602 
2603  String accessToken = response1.getAccessToken();
2604 
2605  // 3. Request user info
2606  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
2607  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
2608 
2609  showClient(userInfoClient);
2610  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
2611  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
2612  assertNotNull(response3.getClaim(JwtClaimName.NAME));
2613  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
2614  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
2615  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
2616  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
2617  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
2618  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
2619  } catch (Exception e) {
2620  fail(e.getMessage(), e);
2621  }
2622  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm.A256GCM
A256GCM
Definition: BlockEncryptionAlgorithm.java:17
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm
Definition: KeyEncryptionAlgorithm.java:12
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm.A256KW
A256KW
Definition: KeyEncryptionAlgorithm.java:17
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm
Definition: BlockEncryptionAlgorithm.java:12
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodAlgNone()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodAlgNone ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  sectorIdentifierUri 
)
inline
2072  {
2073  try {
2074  showTitle("requestParameterMethodAlgNone");
2075 
2076  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
2077 
2078  // 1. Dynamic Client Registration
2079  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2080  StringUtils.spaceSeparatedToList(redirectUris));
2081  registerRequest.setResponseTypes(responseTypes);
2082  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.NONE);
2083  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2084  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2085 
2086  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2087  registerClient.setRequest(registerRequest);
2088  RegisterResponse response = registerClient.exec();
2089 
2090  showClient(registerClient);
2091  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
2092  assertNotNull(response.getClientId());
2093  assertNotNull(response.getClientSecret());
2094  assertNotNull(response.getRegistrationAccessToken());
2095  assertNotNull(response.getClientSecretExpiresAt());
2096 
2097  String clientId = response.getClientId();
2098 
2099  // 2. Request authorization
2100  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
2101 
2102  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2103  String nonce = UUID.randomUUID().toString();
2104  String state = UUID.randomUUID().toString();
2105 
2106  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2107  request.setState(state);
2108  request.setAuthUsername(userId);
2109  request.setAuthPassword(userSecret);
2110  request.getPrompts().add(Prompt.NONE);
2111 
2112  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.NONE, cryptoProvider);
2113  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
2114  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
2115  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
2116  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
2117  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
2118  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
2119  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
2120  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
2121  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
2122  request.setRequest(authJwt);
2123 
2124  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2125  authorizeClient.setRequest(request);
2126  AuthorizationResponse response1 = authorizeClient.exec();
2127 
2128  showClient(authorizeClient);
2129  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
2130  assertNotNull(response1.getLocation(), "The location is null");
2131  assertNotNull(response1.getAccessToken(), "The accessToken is null");
2132  assertNotNull(response1.getTokenType(), "The tokenType is null");
2133  assertNotNull(response1.getIdToken(), "The idToken is null");
2134  assertNotNull(response1.getState(), "The state is null");
2135 
2136  String accessToken = response1.getAccessToken();
2137 
2138  // 3. Request user info
2139  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
2140  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
2141 
2142  showClient(userInfoClient);
2143  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
2144  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
2145  assertNotNull(response3.getClaim(JwtClaimName.NAME));
2146  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
2147  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
2148  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
2149  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
2150  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
2151  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
2152  } catch (Exception e) {
2153  fail(e.getMessage(), e);
2154  }
2155  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.NONE
NONE
Definition: SignatureAlgorithm.java:22
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodAlgRSA15EncA128CBCPLUSHS256()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodAlgRSA15EncA128CBCPLUSHS256 ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  sectorIdentifierUri 
)
inline
2258  {
2259  try {
2260  showTitle("requestParameterMethodAlgRSA15EncA128CBCPLUSHS256");
2261 
2262  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
2263 
2264  // 1. Dynamic Client Registration
2265  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2266  StringUtils.spaceSeparatedToList(redirectUris));
2267  registerRequest.setResponseTypes(responseTypes);
2268  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2269  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2270 
2271  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2272  registerClient.setRequest(registerRequest);
2273  RegisterResponse response = registerClient.exec();
2274 
2275  showClient(registerClient);
2276  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
2277  assertNotNull(response.getClientId());
2278  assertNotNull(response.getClientSecret());
2279  assertNotNull(response.getRegistrationAccessToken());
2280  assertNotNull(response.getClientSecretExpiresAt());
2281 
2282  String clientId = response.getClientId();
2283 
2284  // 2. Choose encryption key
2285  JwkClient jwkClient = new JwkClient(jwksUri);
2286  JwkResponse jwkResponse = jwkClient.exec();
2287  String keyId = jwkResponse.getKeyId(SignatureAlgorithm.RS256);
2288  assertNotNull(keyId);
2289 
2290  // 3. Request authorization
2291  JSONObject jwks = JwtUtil.getJSONWebKeys(jwksUri);
2292  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
2293 
2294  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2295  String nonce = UUID.randomUUID().toString();
2296  String state = UUID.randomUUID().toString();
2297 
2298  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2299  request.setState(state);
2300  request.setAuthUsername(userId);
2301  request.setAuthPassword(userSecret);
2302  request.getPrompts().add(Prompt.NONE);
2303 
2304  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request,
2305  KeyEncryptionAlgorithm.RSA1_5, BlockEncryptionAlgorithm.A128CBC_PLUS_HS256, cryptoProvider);
2306  jwtAuthorizationRequest.setKeyId(keyId);
2307  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
2308  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
2309  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
2310  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
2311  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
2312  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
2313  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
2314  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
2315  String authJwt = jwtAuthorizationRequest.getEncodedJwt(jwks);
2316  request.setRequest(authJwt);
2317 
2318  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2319  authorizeClient.setRequest(request);
2320  AuthorizationResponse response1 = authorizeClient.exec();
2321 
2322  showClient(authorizeClient);
2323  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
2324  assertNotNull(response1.getLocation(), "The location is null");
2325  assertNotNull(response1.getAccessToken(), "The accessToken is null");
2326  assertNotNull(response1.getTokenType(), "The tokenType is null");
2327  assertNotNull(response1.getIdToken(), "The idToken is null");
2328  assertNotNull(response1.getState(), "The state is null");
2329 
2330  String accessToken = response1.getAccessToken();
2331 
2332  // 4. Request user info
2333  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
2334  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
2335 
2336  showClient(userInfoClient);
2337  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
2338  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
2339  assertNotNull(response3.getClaim(JwtClaimName.NAME));
2340  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
2341  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
2342  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
2343  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
2344  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
2345  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
2346  } catch (Exception e) {
2347  fail(e.getMessage(), e);
2348  }
2349  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm.A128CBC_PLUS_HS256
A128CBC_PLUS_HS256
Definition: BlockEncryptionAlgorithm.java:14
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.util.JwtUtil
Definition: JwtUtil.java:38
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm
Definition: KeyEncryptionAlgorithm.java:12
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm
Definition: BlockEncryptionAlgorithm.java:12
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm.RSA1_5
RSA1_5
Definition: KeyEncryptionAlgorithm.java:14
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.util.JwtUtil.getJSONWebKeys
static JSONObject getJSONWebKeys(String jwksUri)
Definition: JwtUtil.java:203
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.JwkResponse.getKeyId
String getKeyId(SignatureAlgorithm signatureAlgorithm)
Definition: JwkResponse.java:112
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodAlgRSA15EncA256CBCPLUSHS512()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodAlgRSA15EncA256CBCPLUSHS512 ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  sectorIdentifierUri 
)
inline
2355  {
2356  try {
2357  showTitle("requestParameterMethodAlgRSA15EncA256CBCPLUSHS512");
2358 
2359  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
2360 
2361  // 1. Dynamic Client Registration
2362  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2363  StringUtils.spaceSeparatedToList(redirectUris));
2364  registerRequest.setResponseTypes(responseTypes);
2365  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2366  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2367 
2368  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2369  registerClient.setRequest(registerRequest);
2370  RegisterResponse response = registerClient.exec();
2371 
2372  showClient(registerClient);
2373  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
2374  assertNotNull(response.getClientId());
2375  assertNotNull(response.getClientSecret());
2376  assertNotNull(response.getRegistrationAccessToken());
2377  assertNotNull(response.getClientSecretExpiresAt());
2378 
2379  String clientId = response.getClientId();
2380 
2381  // 2. Choose encryption key
2382  JwkClient jwkClient = new JwkClient(jwksUri);
2383  JwkResponse jwkResponse = jwkClient.exec();
2384  String keyId = jwkResponse.getKeyId(SignatureAlgorithm.RS256);
2385  assertNotNull(keyId);
2386 
2387  // 3. Request authorization
2388  JSONObject jwks = JwtUtil.getJSONWebKeys(jwksUri);
2389  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
2390 
2391  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2392  String nonce = UUID.randomUUID().toString();
2393  String state = UUID.randomUUID().toString();
2394 
2395  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2396  request.setState(state);
2397  request.setAuthUsername(userId);
2398  request.setAuthPassword(userSecret);
2399  request.getPrompts().add(Prompt.NONE);
2400 
2401  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request,
2402  KeyEncryptionAlgorithm.RSA1_5, BlockEncryptionAlgorithm.A256CBC_PLUS_HS512, cryptoProvider);
2403  jwtAuthorizationRequest.setKeyId(keyId);
2404  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
2405  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
2406  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
2407  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
2408  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
2409  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
2410  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
2411  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
2412  String authJwt = jwtAuthorizationRequest.getEncodedJwt(jwks);
2413  request.setRequest(authJwt);
2414 
2415  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2416  authorizeClient.setRequest(request);
2417  AuthorizationResponse response1 = authorizeClient.exec();
2418 
2419  showClient(authorizeClient);
2420  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
2421  assertNotNull(response1.getLocation(), "The location is null");
2422  assertNotNull(response1.getAccessToken(), "The accessToken is null");
2423  assertNotNull(response1.getTokenType(), "The tokenType is null");
2424  assertNotNull(response1.getIdToken(), "The idToken is null");
2425  assertNotNull(response1.getState(), "The state is null");
2426 
2427  String accessToken = response1.getAccessToken();
2428 
2429  // 4. Request user info
2430  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
2431  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
2432 
2433  showClient(userInfoClient);
2434  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
2435  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
2436  assertNotNull(response3.getClaim(JwtClaimName.NAME));
2437  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
2438  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
2439  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
2440  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
2441  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
2442  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
2443  } catch (Exception e) {
2444  fail(e.getMessage(), e);
2445  }
2446  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.util.JwtUtil
Definition: JwtUtil.java:38
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm
Definition: KeyEncryptionAlgorithm.java:12
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm.A256CBC_PLUS_HS512
A256CBC_PLUS_HS512
Definition: BlockEncryptionAlgorithm.java:15
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm
Definition: BlockEncryptionAlgorithm.java:12
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm.RSA1_5
RSA1_5
Definition: KeyEncryptionAlgorithm.java:14
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.util.JwtUtil.getJSONWebKeys
static JSONObject getJSONWebKeys(String jwksUri)
Definition: JwtUtil.java:203
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.JwkResponse.getKeyId
String getKeyId(SignatureAlgorithm signatureAlgorithm)
Definition: JwkResponse.java:112
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodAlgRSAOAEPEncA256GCM()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodAlgRSAOAEPEncA256GCM ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  sectorIdentifierUri 
)
inline
2161  {
2162  try {
2163  showTitle("requestParameterMethodAlgRSAOAEPEncA256GCM");
2164 
2165  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
2166 
2167  // 1. Dynamic Client Registration
2168  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
2169  StringUtils.spaceSeparatedToList(redirectUris));
2170  registerRequest.setResponseTypes(responseTypes);
2171  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
2172  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
2173 
2174  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
2175  registerClient.setRequest(registerRequest);
2176  RegisterResponse response = registerClient.exec();
2177 
2178  showClient(registerClient);
2179  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
2180  assertNotNull(response.getClientId());
2181  assertNotNull(response.getClientSecret());
2182  assertNotNull(response.getRegistrationAccessToken());
2183  assertNotNull(response.getClientSecretExpiresAt());
2184 
2185  String clientId = response.getClientId();
2186 
2187  // 2. Choose encryption key
2188  JwkClient jwkClient = new JwkClient(jwksUri);
2189  JwkResponse jwkResponse = jwkClient.exec();
2190  String keyId = jwkResponse.getKeyId(SignatureAlgorithm.RS256);
2191  assertNotNull(keyId);
2192 
2193  // 3. Request authorization
2194  JSONObject jwks = JwtUtil.getJSONWebKeys(jwksUri);
2195  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
2196 
2197  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
2198  String nonce = UUID.randomUUID().toString();
2199  String state = UUID.randomUUID().toString();
2200 
2201  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
2202  request.setState(state);
2203  request.setAuthUsername(userId);
2204  request.setAuthPassword(userSecret);
2205  request.getPrompts().add(Prompt.NONE);
2206 
2207  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request,
2208  KeyEncryptionAlgorithm.RSA_OAEP, BlockEncryptionAlgorithm.A256GCM, cryptoProvider);
2209  jwtAuthorizationRequest.setKeyId(keyId);
2210  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
2211  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
2212  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
2213  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
2214  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
2215  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
2216  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
2217  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
2218  String authJwt = jwtAuthorizationRequest.getEncodedJwt(jwks);
2219  request.setRequest(authJwt);
2220 
2221  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
2222  authorizeClient.setRequest(request);
2223  AuthorizationResponse response1 = authorizeClient.exec();
2224 
2225  showClient(authorizeClient);
2226  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
2227  assertNotNull(response1.getLocation(), "The location is null");
2228  assertNotNull(response1.getAccessToken(), "The accessToken is null");
2229  assertNotNull(response1.getTokenType(), "The tokenType is null");
2230  assertNotNull(response1.getIdToken(), "The idToken is null");
2231  assertNotNull(response1.getState(), "The state is null");
2232 
2233  String accessToken = response1.getAccessToken();
2234 
2235  // 4. Request user info
2236  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
2237  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
2238 
2239  showClient(userInfoClient);
2240  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
2241  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
2242  assertNotNull(response3.getClaim(JwtClaimName.NAME));
2243  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
2244  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
2245  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
2246  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
2247  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
2248  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
2249  } catch (Exception e) {
2250  fail(e.getMessage(), e);
2251  }
2252  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm.A256GCM
A256GCM
Definition: BlockEncryptionAlgorithm.java:17
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.util.JwtUtil
Definition: JwtUtil.java:38
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm
Definition: KeyEncryptionAlgorithm.java:12
org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm.RSA_OAEP
RSA_OAEP
Definition: KeyEncryptionAlgorithm.java:15
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm
Definition: BlockEncryptionAlgorithm.java:12
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.util.JwtUtil.getJSONWebKeys
static JSONObject getJSONWebKeys(String jwksUri)
Definition: JwtUtil.java:203
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.JwkResponse.getKeyId
String getKeyId(SignatureAlgorithm signatureAlgorithm)
Definition: JwkResponse.java:112
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodES256()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodES256 ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
715  {
716  showTitle("requestParameterMethodES256");
717 
718  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
719 
720  // 1. Dynamic Client Registration
721  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
722  StringUtils.spaceSeparatedToList(redirectUris));
723  registerRequest.setResponseTypes(responseTypes);
724  registerRequest.setJwksUri(jwksUri);
725  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES256);
726  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
727  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
728 
729  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
730  registerClient.setRequest(registerRequest);
731  RegisterResponse response = registerClient.exec();
732 
733  showClient(registerClient);
734  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
735  assertNotNull(response.getClientId());
736  assertNotNull(response.getClientSecret());
737  assertNotNull(response.getRegistrationAccessToken());
738  assertNotNull(response.getClientSecretExpiresAt());
739 
740  String clientId = response.getClientId();
741 
742  // 2. Request authorization
743  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
744 
745  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
746  String nonce = UUID.randomUUID().toString();
747  String state = UUID.randomUUID().toString();
748 
749  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
750  request.setState(state);
751  request.setAuthUsername(userId);
752  request.setAuthPassword(userSecret);
753  request.getPrompts().add(Prompt.NONE);
754 
755  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.ES256, cryptoProvider);
756  jwtAuthorizationRequest.setKeyId(keyId);
757  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
758  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
759  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
760  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
761  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
762  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
763  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
764  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
765  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
766  request.setRequest(authJwt);
767 
768  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
769  authorizeClient.setRequest(request);
770  AuthorizationResponse response1 = authorizeClient.exec();
771 
772  showClient(authorizeClient);
773  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
774  assertNotNull(response1.getLocation(), "The location is null");
775  assertNotNull(response1.getAccessToken(), "The accessToken is null");
776  assertNotNull(response1.getTokenType(), "The tokenType is null");
777  assertNotNull(response1.getIdToken(), "The idToken is null");
778  assertNotNull(response1.getState(), "The state is null");
779 
780  String accessToken = response1.getAccessToken();
781 
782  // 3. Request user info
783  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
784  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
785 
786  showClient(userInfoClient);
787  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
788  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
789  assertNotNull(response3.getClaim(JwtClaimName.NAME));
790  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
791  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
792  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
793  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
794  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
795  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
796  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES256
ES256
Definition: SignatureAlgorithm.java:29
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodES256X509Cert()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodES256X509Cert ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
1246  {
1247  showTitle("requestParameterMethodES256X509Cert");
1248 
1249  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
1250 
1251  // 1. Dynamic Client Registration
1252  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1253  StringUtils.spaceSeparatedToList(redirectUris));
1254  registerRequest.setResponseTypes(responseTypes);
1255  registerRequest.setJwksUri(jwksUri);
1256  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES256);
1257  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1258  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1259 
1260  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1261  registerClient.setRequest(registerRequest);
1262  RegisterResponse response = registerClient.exec();
1263 
1264  showClient(registerClient);
1265  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
1266  assertNotNull(response.getClientId());
1267  assertNotNull(response.getClientSecret());
1268  assertNotNull(response.getRegistrationAccessToken());
1269  assertNotNull(response.getClientSecretExpiresAt());
1270 
1271  String clientId = response.getClientId();
1272 
1273  // 2. Request authorization
1274  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
1275 
1276  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1277  String nonce = UUID.randomUUID().toString();
1278  String state = UUID.randomUUID().toString();
1279 
1280  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1281  request.setState(state);
1282  request.setAuthUsername(userId);
1283  request.setAuthPassword(userSecret);
1284  request.getPrompts().add(Prompt.NONE);
1285 
1286  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.ES256, cryptoProvider);
1287  jwtAuthorizationRequest.setKeyId(keyId);
1288  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1289  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1290  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1291  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1292  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1293  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1294  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1295  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1296  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1297  request.setRequest(authJwt);
1298 
1299  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1300  authorizeClient.setRequest(request);
1301  AuthorizationResponse response1 = authorizeClient.exec();
1302 
1303  showClient(authorizeClient);
1304  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
1305  assertNotNull(response1.getLocation(), "The location is null");
1306  assertNotNull(response1.getAccessToken(), "The accessToken is null");
1307  assertNotNull(response1.getTokenType(), "The tokenType is null");
1308  assertNotNull(response1.getIdToken(), "The idToken is null");
1309  assertNotNull(response1.getState(), "The state is null");
1310 
1311  String accessToken = response1.getAccessToken();
1312 
1313  // 3. Request user info
1314  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
1315  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
1316 
1317  showClient(userInfoClient);
1318  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
1319  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
1320  assertNotNull(response3.getClaim(JwtClaimName.NAME));
1321  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
1322  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
1323  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
1324  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
1325  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
1326  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
1327  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES256
ES256
Definition: SignatureAlgorithm.java:29
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodES384()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodES384 ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
804  {
805  showTitle("requestParameterMethodES384");
806 
807  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
808 
809  // 1. Dynamic Client Registration
810  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
811  StringUtils.spaceSeparatedToList(redirectUris));
812  registerRequest.setResponseTypes(responseTypes);
813  registerRequest.setJwksUri(jwksUri);
814  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES384);
815  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
816  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
817 
818  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
819  registerClient.setRequest(registerRequest);
820  RegisterResponse response = registerClient.exec();
821 
822  showClient(registerClient);
823  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
824  assertNotNull(response.getClientId());
825  assertNotNull(response.getClientSecret());
826  assertNotNull(response.getRegistrationAccessToken());
827  assertNotNull(response.getClientSecretExpiresAt());
828 
829  String clientId = response.getClientId();
830  String clientSecret = response.getClientSecret();
831 
832  // 2. Request authorization
833  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
834 
835  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
836  String nonce = UUID.randomUUID().toString();
837  String state = UUID.randomUUID().toString();
838 
839  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
840  request.setState(state);
841  request.setAuthUsername(userId);
842  request.setAuthPassword(userSecret);
843  request.getPrompts().add(Prompt.NONE);
844 
845  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.ES384, cryptoProvider);
846  jwtAuthorizationRequest.setKeyId(keyId);
847  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
848  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
849  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
850  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
851  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
852  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
853  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
854  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
855  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
856  request.setRequest(authJwt);
857 
858  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
859  authorizeClient.setRequest(request);
860  AuthorizationResponse response1 = authorizeClient.exec();
861 
862  showClient(authorizeClient);
863  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
864  assertNotNull(response1.getLocation(), "The location is null");
865  assertNotNull(response1.getAccessToken(), "The accessToken is null");
866  assertNotNull(response1.getTokenType(), "The tokenType is null");
867  assertNotNull(response1.getIdToken(), "The idToken is null");
868  assertNotNull(response1.getState(), "The state is null");
869 
870  String accessToken = response1.getAccessToken();
871 
872  // 3. Request user info
873  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
874  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
875 
876  showClient(userInfoClient);
877  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
878  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
879  assertNotNull(response3.getClaim(JwtClaimName.NAME));
880  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
881  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
882  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
883  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
884  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
885  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
886  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES384
ES384
Definition: SignatureAlgorithm.java:30
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodES384X509Cert()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodES384X509Cert ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
1335  {
1336  showTitle("requestParameterMethodES384X509Cert");
1337 
1338  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
1339 
1340  // 1. Dynamic Client Registration
1341  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1342  StringUtils.spaceSeparatedToList(redirectUris));
1343  registerRequest.setResponseTypes(responseTypes);
1344  registerRequest.setJwksUri(jwksUri);
1345  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES384);
1346  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1347  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1348 
1349  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1350  registerClient.setRequest(registerRequest);
1351  RegisterResponse response = registerClient.exec();
1352 
1353  showClient(registerClient);
1354  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
1355  assertNotNull(response.getClientId());
1356  assertNotNull(response.getClientSecret());
1357  assertNotNull(response.getRegistrationAccessToken());
1358  assertNotNull(response.getClientSecretExpiresAt());
1359 
1360  String clientId = response.getClientId();
1361 
1362  // 2. Request authorization
1363  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
1364 
1365  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1366  String nonce = UUID.randomUUID().toString();
1367  String state = UUID.randomUUID().toString();
1368 
1369  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1370  request.setState(state);
1371  request.setAuthUsername(userId);
1372  request.setAuthPassword(userSecret);
1373  request.getPrompts().add(Prompt.NONE);
1374 
1375  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.ES384, cryptoProvider);
1376  jwtAuthorizationRequest.setKeyId(keyId);
1377  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1378  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1379  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1380  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1381  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1382  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1383  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1384  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1385  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1386  request.setRequest(authJwt);
1387 
1388  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1389  authorizeClient.setRequest(request);
1390  AuthorizationResponse response1 = authorizeClient.exec();
1391 
1392  showClient(authorizeClient);
1393  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
1394  assertNotNull(response1.getLocation(), "The location is null");
1395  assertNotNull(response1.getAccessToken(), "The accessToken is null");
1396  assertNotNull(response1.getTokenType(), "The tokenType is null");
1397  assertNotNull(response1.getIdToken(), "The idToken is null");
1398  assertNotNull(response1.getState(), "The state is null");
1399 
1400  String accessToken = response1.getAccessToken();
1401 
1402  // 3. Request user info
1403  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
1404  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
1405 
1406  showClient(userInfoClient);
1407  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
1408  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
1409  assertNotNull(response3.getClaim(JwtClaimName.NAME));
1410  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
1411  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
1412  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
1413  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
1414  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
1415  assertNotNull(response3.getClaim(JwtClaimName.ADDRESS));
1416  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES384
ES384
Definition: SignatureAlgorithm.java:30
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodES512()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodES512 ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
894  {
895  showTitle("requestParameterMethodES512");
896 
897  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
898 
899  // 1. Dynamic Client Registration
900  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
901  StringUtils.spaceSeparatedToList(redirectUris));
902  registerRequest.setResponseTypes(responseTypes);
903  registerRequest.setJwksUri(jwksUri);
904  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES512);
905  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
906  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
907 
908  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
909  registerClient.setRequest(registerRequest);
910  RegisterResponse response = registerClient.exec();
911 
912  showClient(registerClient);
913  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
914  assertNotNull(response.getClientId());
915  assertNotNull(response.getClientSecret());
916  assertNotNull(response.getRegistrationAccessToken());
917  assertNotNull(response.getClientSecretExpiresAt());
918 
919  String clientId = response.getClientId();
920 
921  // 2. Request authorization
922  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
923 
924  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
925  String nonce = UUID.randomUUID().toString();
926  String state = UUID.randomUUID().toString();
927 
928  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
929  request.setState(state);
930  request.setAuthUsername(userId);
931  request.setAuthPassword(userSecret);
932  request.getPrompts().add(Prompt.NONE);
933 
934  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.ES512, cryptoProvider);
935  jwtAuthorizationRequest.setKeyId(keyId);
936  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
937  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
938  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
939  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
940  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
941  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
942  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
943  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
944  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
945  request.setRequest(authJwt);
946 
947  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
948  authorizeClient.setRequest(request);
949  AuthorizationResponse response1 = authorizeClient.exec();
950 
951  showClient(authorizeClient);
952  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
953  assertNotNull(response1.getLocation(), "The location is null");
954  assertNotNull(response1.getAccessToken(), "The accessToken is null");
955  assertNotNull(response1.getTokenType(), "The tokenType is null");
956  assertNotNull(response1.getIdToken(), "The idToken is null");
957  assertNotNull(response1.getState(), "The state is null");
958 
959  String accessToken = response1.getAccessToken();
960 
961  // 3. Request user info
962  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
963  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
964 
965  showClient(userInfoClient);
966  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
967  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
968  assertNotNull(response3.getClaim(JwtClaimName.NAME));
969  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
970  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
971  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
972  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
973  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
974  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES512
ES512
Definition: SignatureAlgorithm.java:31
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodES512X509Cert()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodES512X509Cert ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
1424  {
1425  showTitle("requestParameterMethodES512X509Cert");
1426 
1427  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
1428 
1429  // 1. Dynamic Client Registration
1430  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1431  StringUtils.spaceSeparatedToList(redirectUris));
1432  registerRequest.setResponseTypes(responseTypes);
1433  registerRequest.setJwksUri(jwksUri);
1434  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES512);
1435  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1436  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1437 
1438  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1439  registerClient.setRequest(registerRequest);
1440  RegisterResponse response = registerClient.exec();
1441 
1442  showClient(registerClient);
1443  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
1444  assertNotNull(response.getClientId());
1445  assertNotNull(response.getClientSecret());
1446  assertNotNull(response.getRegistrationAccessToken());
1447  assertNotNull(response.getClientSecretExpiresAt());
1448 
1449  String clientId = response.getClientId();
1450 
1451  // 2. Request authorization
1452  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
1453 
1454  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1455  String nonce = UUID.randomUUID().toString();
1456  String state = UUID.randomUUID().toString();
1457 
1458  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1459  request.setState(state);
1460  request.setAuthUsername(userId);
1461  request.setAuthPassword(userSecret);
1462  request.getPrompts().add(Prompt.NONE);
1463 
1464  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.ES512, cryptoProvider);
1465  jwtAuthorizationRequest.setKeyId(keyId);
1466  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1467  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1468  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1469  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1470  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1471  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1472  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1473  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1474  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1475  request.setRequest(authJwt);
1476 
1477  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1478  authorizeClient.setRequest(request);
1479  AuthorizationResponse response1 = authorizeClient.exec();
1480 
1481  showClient(authorizeClient);
1482  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
1483  assertNotNull(response1.getLocation(), "The location is null");
1484  assertNotNull(response1.getAccessToken(), "The accessToken is null");
1485  assertNotNull(response1.getTokenType(), "The tokenType is null");
1486  assertNotNull(response1.getIdToken(), "The idToken is null");
1487  assertNotNull(response1.getState(), "The state is null");
1488 
1489  String accessToken = response1.getAccessToken();
1490 
1491  // 3. Request user info
1492  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
1493  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
1494 
1495  showClient(userInfoClient);
1496  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
1497  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
1498  assertNotNull(response3.getClaim(JwtClaimName.NAME));
1499  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
1500  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
1501  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
1502  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
1503  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
1504  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES512
ES512
Definition: SignatureAlgorithm.java:31
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodFail1()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodFail1 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
)
inline
1510  {
1511  try {
1512  showTitle("requestParameterMethodFail1");
1513 
1514  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
1515 
1516  // 1. Dynamic Client Registration
1517  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1518  StringUtils.spaceSeparatedToList(redirectUris));
1519  registerRequest.setResponseTypes(responseTypes);
1520  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1521  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1522 
1523  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1524  registerClient.setRequest(registerRequest);
1525  RegisterResponse registerResponse = registerClient.exec();
1526 
1527  showClient(registerClient);
1528  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1529  assertNotNull(registerResponse.getClientId());
1530  assertNotNull(registerResponse.getClientSecret());
1531  assertNotNull(registerResponse.getRegistrationAccessToken());
1532  assertNotNull(registerResponse.getClientSecretExpiresAt());
1533 
1534  String clientId = registerResponse.getClientId();
1535 
1536  // 2. Authorization Request
1537  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1538  String nonce = UUID.randomUUID().toString();
1539  String state = UUID.randomUUID().toString();
1540 
1541  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1542  authorizationRequest.setState(state);
1543  authorizationRequest.setRequest("INVALID_OPENID_REQUEST_OBJECT");
1544  authorizationRequest.setAuthUsername(userId);
1545  authorizationRequest.setAuthPassword(userSecret);
1546 
1547  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1548  authorizeClient.setRequest(authorizationRequest);
1549  AuthorizationResponse response = authorizeClient.exec();
1550 
1551  showClient(authorizeClient);
1552  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
1553  assertNotNull(response.getLocation(), "The location is null");
1554  assertNotNull(response.getErrorType(), "The error type is null");
1555  assertNotNull(response.getErrorDescription(), "The error description is null");
1556  assertNotNull(response.getState(), "The state is null");
1557  } catch (Exception e) {
1558  fail(e.getMessage(), e);
1559  }
1560  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodFail2()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodFail2 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
)
inline
1566  {
1567  try {
1568  showTitle("requestParameterMethodFail2");
1569 
1570  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
1571 
1572  // 1. Dynamic Client Registration
1573  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1574  StringUtils.spaceSeparatedToList(redirectUris));
1575  registerRequest.setResponseTypes(responseTypes);
1576  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1577  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1578 
1579  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1580  registerClient.setRequest(registerRequest);
1581  RegisterResponse registerResponse = registerClient.exec();
1582 
1583  showClient(registerClient);
1584  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1585  assertNotNull(registerResponse.getClientId());
1586  assertNotNull(registerResponse.getClientSecret());
1587  assertNotNull(registerResponse.getRegistrationAccessToken());
1588  assertNotNull(registerResponse.getClientSecretExpiresAt());
1589 
1590  String clientId = registerResponse.getClientId();
1591  String clientSecret = registerResponse.getClientSecret();
1592 
1593  // 2. Authorization Request
1594  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
1595 
1596  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1597  String nonce = UUID.randomUUID().toString();
1598  String state = UUID.randomUUID().toString();
1599 
1600  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1601  authorizationRequest.setState(state);
1602  authorizationRequest.setAuthUsername(userId);
1603  authorizationRequest.setAuthPassword(userSecret);
1604 
1605  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
1606  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1607  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1608  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1609  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1610  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1611  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1612  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1613  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1614  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1615  authorizationRequest.setRequest(authJwt + "INVALID_KEY");
1616 
1617  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1618  authorizeClient.setRequest(authorizationRequest);
1619  AuthorizationResponse response = authorizeClient.exec();
1620 
1621  showClient(authorizeClient);
1622  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
1623  assertNotNull(response.getLocation(), "The location is null");
1624  assertNotNull(response.getErrorType(), "The error type is null");
1625  assertNotNull(response.getErrorDescription(), "The error description is null");
1626  assertNotNull(response.getState(), "The state is null");
1627  } catch (Exception e) {
1628  fail(e.getMessage(), e);
1629  }
1630  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodFail3()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodFail3 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
)
inline
1636  {
1637  try {
1638  showTitle("requestParameterMethodFail3");
1639 
1640  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
1641 
1642  // 1. Dynamic Client Registration
1643  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1644  StringUtils.spaceSeparatedToList(redirectUris));
1645  registerRequest.setResponseTypes(responseTypes);
1646  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1647  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1648 
1649  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1650  registerClient.setRequest(registerRequest);
1651  RegisterResponse registerResponse = registerClient.exec();
1652 
1653  showClient(registerClient);
1654  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1655  assertNotNull(registerResponse.getClientId());
1656  assertNotNull(registerResponse.getClientSecret());
1657  assertNotNull(registerResponse.getRegistrationAccessToken());
1658  assertNotNull(registerResponse.getClientSecretExpiresAt());
1659 
1660  String clientId = registerResponse.getClientId();
1661  String clientSecret = registerResponse.getClientSecret();
1662 
1663  // 2. Authorization Request
1664  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
1665 
1666  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1667  String nonce = UUID.randomUUID().toString();
1668  String state = UUID.randomUUID().toString();
1669 
1670  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1671  request.setState(state);
1672  request.setAuthUsername(userId);
1673  request.setAuthPassword(userSecret);
1674 
1675  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
1676  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1677  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1678  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1679  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1680  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1681  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1682  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1683  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1684  jwtAuthorizationRequest.setClientId("INVALID_CLIENT_ID");
1685  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1686  request.setRequest(authJwt);
1687 
1688  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1689  authorizeClient.setRequest(request);
1690  AuthorizationResponse response = authorizeClient.exec();
1691 
1692  showClient(authorizeClient);
1693  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
1694  assertNotNull(response.getLocation(), "The location is null");
1695  assertNotNull(response.getErrorType(), "The error type is null");
1696  assertNotNull(response.getErrorDescription(), "The error description is null");
1697  assertNotNull(response.getState(), "The state is null");
1698  } catch (Exception e) {
1699  fail(e.getMessage(), e);
1700  }
1701  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodFail4()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodFail4 ( final String  userId,
final String  userSecret,
final String  redirectUris,
final String  redirectUri,
final String  sectorIdentifierUri 
)
inline
1707  {
1708  try {
1709  showTitle("requestParameterMethodFail4");
1710 
1711  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN);
1712 
1713  // 1. Dynamic Client Registration
1714  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1715  StringUtils.spaceSeparatedToList(redirectUris));
1716  registerRequest.setResponseTypes(responseTypes);
1717  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1718  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1719 
1720  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1721  registerClient.setRequest(registerRequest);
1722  RegisterResponse registerResponse = registerClient.exec();
1723 
1724  showClient(registerClient);
1725  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
1726  assertNotNull(registerResponse.getClientId());
1727  assertNotNull(registerResponse.getClientSecret());
1728  assertNotNull(registerResponse.getRegistrationAccessToken());
1729  assertNotNull(registerResponse.getClientSecretExpiresAt());
1730 
1731  String clientId = registerResponse.getClientId();
1732  String clientSecret = registerResponse.getClientSecret();
1733 
1734  // 2. Authorization Request
1735  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
1736 
1737  List<String> scopes = Arrays.asList("openid");
1738  String nonce = UUID.randomUUID().toString();
1739  String state = UUID.randomUUID().toString();
1740 
1741  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1742  request.setState(state);
1743  request.setAuthUsername(userId);
1744  request.setAuthPassword(userSecret);
1745 
1746  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.HS256, clientSecret, cryptoProvider);
1747  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.SUBJECT_IDENTIFIER, ClaimValue.createSingleValue("INVALID_USER_ID")));
1748  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1749  request.setRequest(authJwt);
1750 
1751  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1752  authorizeClient.setRequest(request);
1753  AuthorizationResponse response = authorizeClient.exec();
1754 
1755  showClient(authorizeClient);
1756  assertEquals(response.getStatus(), 302, "Unexpected response code: " + response.getStatus());
1757  assertNotNull(response.getLocation(), "The location is null");
1758  assertNotNull(response.getErrorType(), "The error type is null");
1759  assertNotNull(response.getErrorDescription(), "The error description is null");
1760  assertNotNull(response.getState(), "The state is null");
1761  } catch (Exception e) {
1762  fail(e.getMessage(), e);
1763  }
1764  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.AuthorizationResponse.getErrorType
AuthorizeErrorResponseType getErrorType()
Definition: AuthorizationResponse.java:334
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.AuthorizationResponse.getErrorDescription
String getErrorDescription()
Definition: AuthorizationResponse.java:355
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodRS256()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodRS256 ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
451  {
452  showTitle("requestParameterMethodRS256");
453 
454  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
455 
456  // 1. Dynamic Client Registration
457  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
458  StringUtils.spaceSeparatedToList(redirectUris));
459  registerRequest.setResponseTypes(responseTypes);
460  registerRequest.setJwksUri(jwksUri);
461  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
462  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
463  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
464 
465  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
466  registerClient.setRequest(registerRequest);
467  RegisterResponse response = registerClient.exec();
468 
469  showClient(registerClient);
470  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
471  assertNotNull(response.getClientId());
472  assertNotNull(response.getClientSecret());
473  assertNotNull(response.getRegistrationAccessToken());
474  assertNotNull(response.getClientSecretExpiresAt());
475 
476  String clientId = response.getClientId();
477 
478  // 2. Request authorization
479  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
480 
481  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
482  String nonce = UUID.randomUUID().toString();
483  String state = UUID.randomUUID().toString();
484 
485  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
486  request.setState(state);
487  request.setAuthUsername(userId);
488  request.setAuthPassword(userSecret);
489  request.getPrompts().add(Prompt.NONE);
490 
491  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.RS256, cryptoProvider);
492  jwtAuthorizationRequest.setKeyId(keyId);
493  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
494  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
495  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
496  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
497  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
498  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
499  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
500  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
501  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
502  request.setRequest(authJwt);
503 
504  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
505  authorizeClient.setRequest(request);
506  AuthorizationResponse response1 = authorizeClient.exec();
507 
508  showClient(authorizeClient);
509  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
510  assertNotNull(response1.getLocation(), "The location is null");
511  assertNotNull(response1.getAccessToken(), "The accessToken is null");
512  assertNotNull(response1.getTokenType(), "The tokenType is null");
513  assertNotNull(response1.getIdToken(), "The idToken is null");
514  assertNotNull(response1.getState(), "The state is null");
515 
516  String accessToken = response1.getAccessToken();
517 
518  // 3. Request user info
519  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
520  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
521 
522  showClient(userInfoClient);
523  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
524  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
525  assertNotNull(response3.getClaim(JwtClaimName.NAME));
526  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
527  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
528  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
529  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
530  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
531  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodRS256X509Cert()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodRS256X509Cert ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
982  {
983  showTitle("requestParameterMethodRS256X509Cert");
984 
985  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
986 
987  // 1. Dynamic Client Registration
988  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
989  StringUtils.spaceSeparatedToList(redirectUris));
990  registerRequest.setResponseTypes(responseTypes);
991  registerRequest.setJwksUri(jwksUri);
992  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
993  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
994  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
995 
996  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
997  registerClient.setRequest(registerRequest);
998  RegisterResponse response = registerClient.exec();
999 
1000  showClient(registerClient);
1001  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
1002  assertNotNull(response.getClientId());
1003  assertNotNull(response.getClientSecret());
1004  assertNotNull(response.getRegistrationAccessToken());
1005  assertNotNull(response.getClientSecretExpiresAt());
1006 
1007  String clientId = response.getClientId();
1008 
1009  // 2. Request authorization
1010  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
1011 
1012  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1013  String nonce = UUID.randomUUID().toString();
1014  String state = UUID.randomUUID().toString();
1015 
1016  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1017  request.setState(state);
1018  request.setAuthUsername(userId);
1019  request.setAuthPassword(userSecret);
1020  request.getPrompts().add(Prompt.NONE);
1021 
1022  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.RS256, cryptoProvider);
1023  jwtAuthorizationRequest.setKeyId(keyId);
1024  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1025  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1026  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1027  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1028  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1029  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1030  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1031  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1032  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1033  request.setRequest(authJwt);
1034 
1035  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1036  authorizeClient.setRequest(request);
1037  AuthorizationResponse response1 = authorizeClient.exec();
1038 
1039  showClient(authorizeClient);
1040  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
1041  assertNotNull(response1.getLocation(), "The location is null");
1042  assertNotNull(response1.getAccessToken(), "The accessToken is null");
1043  assertNotNull(response1.getTokenType(), "The tokenType is null");
1044  assertNotNull(response1.getIdToken(), "The idToken is null");
1045  assertNotNull(response1.getState(), "The state is null");
1046 
1047  String accessToken = response1.getAccessToken();
1048 
1049  // 3. Request user info
1050  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
1051  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
1052 
1053  showClient(userInfoClient);
1054  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
1055  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
1056  assertNotNull(response3.getClaim(JwtClaimName.NAME));
1057  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
1058  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
1059  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
1060  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
1061  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
1062  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodRS384()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodRS384 ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
539  {
540  showTitle("requestParameterMethodRS384");
541 
542  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
543 
544  // 1. Dynamic Client Registration
545  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
546  StringUtils.spaceSeparatedToList(redirectUris));
547  registerRequest.setResponseTypes(responseTypes);
548  registerRequest.setJwksUri(jwksUri);
549  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS384);
550  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
551  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
552 
553  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
554  registerClient.setRequest(registerRequest);
555  RegisterResponse response = registerClient.exec();
556 
557  showClient(registerClient);
558  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
559  assertNotNull(response.getClientId());
560  assertNotNull(response.getClientSecret());
561  assertNotNull(response.getRegistrationAccessToken());
562  assertNotNull(response.getClientSecretExpiresAt());
563 
564  String clientId = response.getClientId();
565 
566  // 2. Request authorization
567  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
568 
569  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
570  String nonce = UUID.randomUUID().toString();
571  String state = UUID.randomUUID().toString();
572 
573  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
574  request.setState(state);
575  request.setAuthUsername(userId);
576  request.setAuthPassword(userSecret);
577  request.getPrompts().add(Prompt.NONE);
578 
579  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(
580  request, SignatureAlgorithm.RS384, cryptoProvider);
581  jwtAuthorizationRequest.setKeyId(keyId);
582  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
583  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
584  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
585  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
586  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
587  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
588  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
589  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
590  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
591  request.setRequest(authJwt);
592 
593  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
594  authorizeClient.setRequest(request);
595  AuthorizationResponse response1 = authorizeClient.exec();
596 
597  showClient(authorizeClient);
598  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
599  assertNotNull(response1.getLocation(), "The location is null");
600  assertNotNull(response1.getAccessToken(), "The accessToken is null");
601  assertNotNull(response1.getTokenType(), "The tokenType is null");
602  assertNotNull(response1.getIdToken(), "The idToken is null");
603  assertNotNull(response1.getState(), "The state is null");
604 
605  String accessToken = response1.getAccessToken();
606 
607  // 3. Request user info
608  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
609  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
610 
611  showClient(userInfoClient);
612  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
613  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
614  assertNotNull(response3.getClaim(JwtClaimName.NAME));
615  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
616  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
617  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
618  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
619  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
620  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS384
RS384
Definition: SignatureAlgorithm.java:27
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodRS384X509Cert()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodRS384X509Cert ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
1070  {
1071  showTitle("requestParameterMethodRS384X509Cert");
1072 
1073  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
1074 
1075  // 1. Dynamic Client Registration
1076  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1077  StringUtils.spaceSeparatedToList(redirectUris));
1078  registerRequest.setResponseTypes(responseTypes);
1079  registerRequest.setJwksUri(jwksUri);
1080  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS384);
1081  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1082  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1083 
1084  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1085  registerClient.setRequest(registerRequest);
1086  RegisterResponse response = registerClient.exec();
1087 
1088  showClient(registerClient);
1089  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
1090  assertNotNull(response.getClientId());
1091  assertNotNull(response.getClientSecret());
1092  assertNotNull(response.getRegistrationAccessToken());
1093  assertNotNull(response.getClientSecretExpiresAt());
1094 
1095  String clientId = response.getClientId();
1096 
1097  // 2. Request authorization
1098  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
1099 
1100  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1101  String nonce = UUID.randomUUID().toString();
1102  String state = UUID.randomUUID().toString();
1103 
1104  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1105  request.setState(state);
1106  request.setAuthUsername(userId);
1107  request.setAuthPassword(userSecret);
1108  request.getPrompts().add(Prompt.NONE);
1109 
1110  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.RS384, cryptoProvider);
1111  jwtAuthorizationRequest.setKeyId(keyId);
1112  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1113  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1114  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1115  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1116  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1117  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1118  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1119  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1120  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1121  request.setRequest(authJwt);
1122 
1123  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1124  authorizeClient.setRequest(request);
1125  AuthorizationResponse response1 = authorizeClient.exec();
1126 
1127  showClient(authorizeClient);
1128  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
1129  assertNotNull(response1.getLocation(), "The location is null");
1130  assertNotNull(response1.getAccessToken(), "The accessToken is null");
1131  assertNotNull(response1.getTokenType(), "The tokenType is null");
1132  assertNotNull(response1.getIdToken(), "The idToken is null");
1133  assertNotNull(response1.getState(), "The state is null");
1134 
1135  String accessToken = response1.getAccessToken();
1136 
1137  // 3. Request user info
1138  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
1139  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
1140 
1141  showClient(userInfoClient);
1142  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
1143  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
1144  assertNotNull(response3.getClaim(JwtClaimName.NAME));
1145  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
1146  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
1147  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
1148  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
1149  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
1150  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS384
RS384
Definition: SignatureAlgorithm.java:27
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodRS512()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodRS512 ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
628  {
629  showTitle("requestParameterMethodRS512");
630 
631  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
632 
633  // Dynamic Client Registration
634  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
635  StringUtils.spaceSeparatedToList(redirectUris));
636  registerRequest.setResponseTypes(responseTypes);
637  registerRequest.setJwksUri(jwksUri);
638  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS512);
639  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
640  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
641 
642  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
643  registerClient.setRequest(registerRequest);
644  RegisterResponse response = registerClient.exec();
645 
646  showClient(registerClient);
647  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
648  assertNotNull(response.getClientId());
649  assertNotNull(response.getClientSecret());
650  assertNotNull(response.getRegistrationAccessToken());
651  assertNotNull(response.getClientSecretExpiresAt());
652 
653  String clientId = response.getClientId();
654 
655  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
656 
657  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
658  String nonce = UUID.randomUUID().toString();
659  String state = UUID.randomUUID().toString();
660 
661  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
662  request.setState(state);
663  request.setAuthUsername(userId);
664  request.setAuthPassword(userSecret);
665  request.getPrompts().add(Prompt.NONE);
666 
667  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.RS512, cryptoProvider);
668  jwtAuthorizationRequest.setKeyId(keyId);
669  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
670  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
671  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
672  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
673  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
674  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
675  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
676  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
677  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
678  request.setRequest(authJwt);
679 
680  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
681  authorizeClient.setRequest(request);
682  AuthorizationResponse response1 = authorizeClient.exec();
683 
684  showClient(authorizeClient);
685  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
686  assertNotNull(response1.getLocation(), "The location is null");
687  assertNotNull(response1.getAccessToken(), "The accessToken is null");
688  assertNotNull(response1.getTokenType(), "The tokenType is null");
689  assertNotNull(response1.getIdToken(), "The idToken is null");
690  assertNotNull(response1.getState(), "The state is null");
691 
692  String accessToken = response1.getAccessToken();
693 
694  // Request user info
695  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
696  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
697 
698  showClient(userInfoClient);
699  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
700  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
701  assertNotNull(response3.getClaim(JwtClaimName.NAME));
702  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
703  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
704  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
705  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
706  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
707  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS512
RS512
Definition: SignatureAlgorithm.java:28
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestParameterMethodRS512X509Cert()

void org.xdi.oxauth.ws.rs.OpenIDRequestObjectHttpTest.requestParameterMethodRS512X509Cert ( final String  userId,
final String  userSecret,
final String  redirectUri,
final String  redirectUris,
final String  jwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret,
final String  sectorIdentifierUri 
) throws Exception
inline
1158  {
1159  showTitle("requestParameterMethodRS512X509Cert");
1160 
1161  List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
1162 
1163  // 1. Dynamic Client Registration
1164  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
1165  StringUtils.spaceSeparatedToList(redirectUris));
1166  registerRequest.setResponseTypes(responseTypes);
1167  registerRequest.setJwksUri(jwksUri);
1168  registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS512);
1169  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
1170  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
1171 
1172  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
1173  registerClient.setRequest(registerRequest);
1174  RegisterResponse response = registerClient.exec();
1175 
1176  showClient(registerClient);
1177  assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
1178  assertNotNull(response.getClientId());
1179  assertNotNull(response.getClientSecret());
1180  assertNotNull(response.getRegistrationAccessToken());
1181  assertNotNull(response.getClientSecretExpiresAt());
1182 
1183  String clientId = response.getClientId();
1184 
1185  // 2. Request authorization
1186  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
1187 
1188  List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
1189  String nonce = UUID.randomUUID().toString();
1190  String state = UUID.randomUUID().toString();
1191 
1192  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
1193  request.setState(state);
1194  request.setAuthUsername(userId);
1195  request.setAuthPassword(userSecret);
1196  request.getPrompts().add(Prompt.NONE);
1197 
1198  JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.RS512, cryptoProvider);
1199  jwtAuthorizationRequest.setKeyId(keyId);
1200  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
1201  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
1202  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
1203  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
1204  jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
1205  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
1206  jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{"2"})));
1207  jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
1208  String authJwt = jwtAuthorizationRequest.getEncodedJwt();
1209  request.setRequest(authJwt);
1210 
1211  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
1212  authorizeClient.setRequest(request);
1213  AuthorizationResponse response1 = authorizeClient.exec();
1214 
1215  showClient(authorizeClient);
1216  assertEquals(response1.getStatus(), 302, "Unexpected response code: " + response1.getStatus());
1217  assertNotNull(response1.getLocation(), "The location is null");
1218  assertNotNull(response1.getAccessToken(), "The accessToken is null");
1219  assertNotNull(response1.getTokenType(), "The tokenType is null");
1220  assertNotNull(response1.getIdToken(), "The idToken is null");
1221  assertNotNull(response1.getState(), "The state is null");
1222 
1223  String accessToken = response1.getAccessToken();
1224 
1225  // 3. Request user info
1226  UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
1227  UserInfoResponse response3 = userInfoClient.execUserInfo(accessToken);
1228 
1229  showClient(userInfoClient);
1230  assertEquals(response3.getStatus(), 200, "Unexpected response code: " + response3.getStatus());
1231  assertNotNull(response3.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
1232  assertNotNull(response3.getClaim(JwtClaimName.NAME));
1233  assertNotNull(response3.getClaim(JwtClaimName.GIVEN_NAME));
1234  assertNotNull(response3.getClaim(JwtClaimName.FAMILY_NAME));
1235  assertNotNull(response3.getClaim(JwtClaimName.EMAIL));
1236  assertNotNull(response3.getClaim(JwtClaimName.ZONEINFO));
1237  assertNotNull(response3.getClaim(JwtClaimName.LOCALE));
1238  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.client.UserInfoClient.execUserInfo
UserInfoResponse execUserInfo(String accessToken)
Definition: UserInfoClient.java:66
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.RegisterRequest.setJwksUri
void setJwksUri(String jwksUri)
Definition: RegisterRequest.java:454
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(SignatureAlgorithm requestObjectSigningAlg)
Definition: RegisterRequest.java:664
org.xdi.oxauth.client.AuthorizationResponse.getTokenType
TokenType getTokenType()
Definition: AuthorizationResponse.java:237
org.xdi.oxauth.client.UserInfoResponse.getClaim
List< String > getClaim(String claimName)
Definition: UserInfoResponse.java:109
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS512
RS512
Definition: SignatureAlgorithm.java:28
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.UserInfoClient
Definition: UserInfoClient.java:34
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.AuthorizationRequest.setRequest
void setRequest(String request)
Definition: AuthorizationRequest.java:361
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.UserInfoResponse
Definition: UserInfoResponse.java:20
org.xdi.oxauth.client.AuthorizationResponse.getAccessToken
String getAccessToken()
Definition: AuthorizationResponse.java:185
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ setAuthorizationEndpoint()

void org.xdi.oxauth.BaseTest.setAuthorizationEndpoint ( String  authorizationEndpoint)
inlineinherited
138  {
139  this.authorizationEndpoint = authorizationEndpoint;
140  }
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72

◆ setCheckSessionIFrame()

void org.xdi.oxauth.BaseTest.setCheckSessionIFrame ( String  checkSessionIFrame)
inlineinherited
170  {
171  this.checkSessionIFrame = checkSessionIFrame;
172  }
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78

◆ setClientInfoEndpoint()

void org.xdi.oxauth.BaseTest.setClientInfoEndpoint ( String  clientInfoEndpoint)
inlineinherited
162  {
163  this.clientInfoEndpoint = clientInfoEndpoint;
164  }
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77

◆ setConfigurationEndpoint()

void org.xdi.oxauth.BaseTest.setConfigurationEndpoint ( String  configurationEndpoint)
inlineinherited
226  {
227  this.configurationEndpoint = configurationEndpoint;
228  }
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82

◆ setDriver()

void org.xdi.oxauth.BaseTest.setDriver ( WebDriver  driver)
inlineinherited
130  {
131  this.driver = driver;
132  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ setEndSessionEndpoint()

void org.xdi.oxauth.BaseTest.setEndSessionEndpoint ( String  endSessionEndpoint)
inlineinherited
178  {
179  this.endSessionEndpoint = endSessionEndpoint;
180  }
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79

◆ setIdGenEndpoint()

void org.xdi.oxauth.BaseTest.setIdGenEndpoint ( String  p_idGenEndpoint)
inlineinherited
218  {
219  idGenEndpoint = p_idGenEndpoint;
220  }
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83

◆ setIntrospectionEndpoint()

void org.xdi.oxauth.BaseTest.setIntrospectionEndpoint ( String  p_introspectionEndpoint)
inlineinherited
202  {
203  introspectionEndpoint = p_introspectionEndpoint;
204  }
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84

◆ setJwksUri()

void org.xdi.oxauth.BaseTest.setJwksUri ( String  jwksUri)
inlineinherited
186  {
187  this.jwksUri = jwksUri;
188  }
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80

◆ setRegistrationEndpoint()

void org.xdi.oxauth.BaseTest.setRegistrationEndpoint ( String  registrationEndpoint)
inlineinherited
194  {
195  this.registrationEndpoint = registrationEndpoint;
196  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81

◆ setScopeToClaimsMapping()

void org.xdi.oxauth.BaseTest.setScopeToClaimsMapping ( Map< String, List< String >>  p_scopeToClaimsMapping)
inlineinherited
210  {
211  scopeToClaimsMapping = p_scopeToClaimsMapping;
212  }
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85

◆ setTokenEndpoint()

void org.xdi.oxauth.BaseTest.setTokenEndpoint ( String  tokenEndpoint)
inlineinherited
146  {
147  this.tokenEndpoint = tokenEndpoint;
148  }
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75

◆ setUserInfoEndpoint()

void org.xdi.oxauth.BaseTest.setUserInfoEndpoint ( String  userInfoEndpoint)
inlineinherited
154  {
155  this.userInfoEndpoint = userInfoEndpoint;
156  }
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76

◆ showClient() [1/2]

static void org.xdi.oxauth.BaseTest.showClient ( BaseClient  client)
inlinestaticinherited
775  {
776  ClientUtils.showClient(client);
777  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClient
static void showClient(BaseClient client)
Definition: ClientUtils.java:21

◆ showClient() [2/2]

static void org.xdi.oxauth.BaseTest.showClient ( BaseClient  client,
CookieStore  cookieStore 
)
inlinestaticinherited
779  {
780  ClientUtils.showClient(client, cookieStore);
781  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClient
static void showClient(BaseClient client)
Definition: ClientUtils.java:21

◆ showClientUserAgent()

static void org.xdi.oxauth.BaseTest.showClientUserAgent ( BaseClient  client)
inlinestaticinherited
783  {
784  ClientUtils.showClientUserAgent(client);
785  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: ClientUtils.java:35

◆ showEntity()

void org.xdi.oxauth.BaseTest.showEntity ( String  entity)
inlineinherited
769  {
770  if (entity != null) {
771  System.out.println("Entity: " + entity.replace("\\n", "\n"));
772  }
773  }

◆ showResponse() [1/2]

void org.xdi.oxauth.BaseTest.showResponse ( String  title,
Response  response 
)
inlineinherited
30  {
31  showResponse(title, response, null);
32  }
org.xdi.oxauth.BaseTest.showResponse
void showResponse(String title, Response response)
Definition: BaseTest.java:30

◆ showResponse() [2/2]

static void org.xdi.oxauth.BaseTest.showResponse ( String  title,
Response  response,
Object  entity 
)
inlinestaticinherited
34  {
35  System.out.println(" ");
36  System.out.println("RESPONSE FOR: " + title);
37  System.out.println(response.getStatus());
38  for (Entry<String, List<Object>> headers : response.getHeaders().entrySet()) {
39  String headerName = headers.getKey();
40  System.out.println(headerName + ": " + headers.getValue());
41  }
42 
43  if (entity != null) {
44  System.out.println(entity.toString().replace("\\n", "\n"));
45  }
46  System.out.println(" ");
47  System.out.println("Status message: " + response.getStatus());
48  }

◆ showTitle() [1/2]

void org.xdi.oxauth.BaseTest.showTitle ( String  title)
inlineinherited
22  {
23  title = "TEST: " + title;
24 
25  System.out.println("#######################################################");
26  System.out.println(title);
27  System.out.println("#######################################################");
28  }

◆ showTitle() [2/2]

void org.xdi.oxauth.BaseTest.showTitle ( String  title)
inlineinherited
761  {
762  title = "TEST: " + title;
763 
764  System.out.println("#######################################################");
765  System.out.println(title);
766  System.out.println("#######################################################");
767  }

◆ startSelenium()

void org.xdi.oxauth.BaseTest.startSelenium ( )
inlineinherited
230  {
231  //System.setProperty("webdriver.chrome.driver", "/Users/JAVIER/tmp/chromedriver");
232  //driver = new ChromeDriver();
233 
234  //driver = new SafariDriver();
235 
236  //driver = new FirefoxDriver();
237 
238  //driver = new InternetExplorerDriver();
239 
240  driver = new HtmlUnitDriver(true);
241  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ stopSelenium()

void org.xdi.oxauth.BaseTest.stopSelenium ( )
inlineinherited
243  {
244 // driver.close();
245  driver.quit();
246  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ waitForResourceOwnerAndGrantLoginForm() [1/2]

String org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
boolean  cleanupCookies 
)
inlineinherited

Try to open login form (via the user-agent)

617  {
618  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
619 
620  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
621  authorizeClient.setRequest(authorizationRequest);
622 
623  System.out.println("waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:" + authorizationRequestUrl);
624  startSelenium();
625  if (cleanupCookies) {
626  System.out.println("waitForResourceOwnerAndGrantLoginForm: Cleaning cookies");
627  deleteAllCookies();
628  }
629  driver.navigate().to(authorizationRequestUrl);
630 
631  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
632  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
633  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
634 
635  if ((usernameElement == null) || (passwordElement == null) || (loginButton == null)) {
636  return null;
637  }
638 
639  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
640  String sessionState = null;
641  if (sessionStateCookie != null) {
642  sessionState = sessionStateCookie.getValue();
643  }
644  System.out.println("waitForResourceOwnerAndGrantLoginForm: sessionState:" + sessionState);
645 
646  stopSelenium();
647 
648  showClientUserAgent(authorizeClient);
649 
650  return sessionState;
651  }
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.deleteAllCookies
void deleteAllCookies()
Definition: BaseTest.java:661
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ waitForResourceOwnerAndGrantLoginForm() [2/2]

String org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited

Try to open login form (via the user-agent)

657  {
658  return waitForResourceOwnerAndGrantLoginForm(authorizeUrl, authorizationRequest, true);
659  }
org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm
String waitForResourceOwnerAndGrantLoginForm(String authorizeUrl, AuthorizationRequest authorizationRequest, boolean cleanupCookies)
Definition: BaseTest.java:616

メンバ詳解

◆ authorizationEndpoint

String org.xdi.oxauth.BaseTest.authorizationEndpoint
protectedinherited

◆ authorizationPageEndpoint

String org.xdi.oxauth.BaseTest.authorizationPageEndpoint
protectedinherited

◆ checkSessionIFrame

String org.xdi.oxauth.BaseTest.checkSessionIFrame
protectedinherited

◆ clientInfoEndpoint

String org.xdi.oxauth.BaseTest.clientInfoEndpoint
protectedinherited

◆ configurationEndpoint

String org.xdi.oxauth.BaseTest.configurationEndpoint
protectedinherited

◆ driver

WebDriver org.xdi.oxauth.BaseTest.driver
protectedinherited

◆ endSessionEndpoint

String org.xdi.oxauth.BaseTest.endSessionEndpoint
protectedinherited

◆ gluuConfigurationEndpoint

String org.xdi.oxauth.BaseTest.gluuConfigurationEndpoint
protectedinherited

◆ idGenEndpoint

String org.xdi.oxauth.BaseTest.idGenEndpoint
protectedinherited

◆ introspectionEndpoint

String org.xdi.oxauth.BaseTest.introspectionEndpoint
protectedinherited

◆ jwksUri

String org.xdi.oxauth.BaseTest.jwksUri
protectedinherited

◆ registrationEndpoint

String org.xdi.oxauth.BaseTest.registrationEndpoint
protectedinherited

◆ scopeToClaimsMapping

Map<String, List<String> > org.xdi.oxauth.BaseTest.scopeToClaimsMapping
protectedinherited

◆ testData

FileConfiguration org.xdi.oxauth.ConfigurableTest.testData
staticinherited

◆ tokenEndpoint

String org.xdi.oxauth.BaseTest.tokenEndpoint
protectedinherited

◆ userInfoEndpoint

String org.xdi.oxauth.BaseTest.userInfoEndpoint
protectedinherited
このクラス詳解は次のファイルから抽出されました:
2018年09月30日(日) 14時46分36秒作成 - gluu / 構成:   doxygen 1.8.13