gluu
公開メンバ関数 | 静的公開メンバ関数 | 静的公開変数類 | 限定公開変数類 | 全メンバ一覧
org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest クラス
org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest の継承関係図
Inheritance graph
org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest 連携図
Collaboration graph

公開メンバ関数

void requestAuthorizationIdTokenNone (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenHS256 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenHS384 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenHS512 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenRS256 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenRS384 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenRS512 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenES256 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenES384 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void requestAuthorizationIdTokenES512 (final String redirectUris, final String userId, final String userSecret, final String redirectUri, final String sectorIdentifierUri) throws Exception
 
void printAlgorithmsAndProviders ()
 
void hs256 () throws InvalidKeyException, NoSuchAlgorithmException
 
void hs384 () throws InvalidKeyException, NoSuchAlgorithmException
 
void hs512 () throws InvalidKeyException, NoSuchAlgorithmException
 
void testRS256 (final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
 
void testRS384 (final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
 
void testRS512 (final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
 
void testES256 (final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
 
void testES384 (final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
 
void testES512 (final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
 
void getMessageDigestSHA256 ()
 
void getMessageDigestSHA384 ()
 
void getMessageDigestSHA512 ()
 
void initTestSuite (ITestContext context) throws FileNotFoundException, IOException
 
WebDriver getDriver ()
 
void setDriver (WebDriver driver)
 
String getAuthorizationEndpoint ()
 
void setAuthorizationEndpoint (String authorizationEndpoint)
 
String getTokenEndpoint ()
 
void setTokenEndpoint (String tokenEndpoint)
 
String getUserInfoEndpoint ()
 
void setUserInfoEndpoint (String userInfoEndpoint)
 
String getClientInfoEndpoint ()
 
void setClientInfoEndpoint (String clientInfoEndpoint)
 
String getCheckSessionIFrame ()
 
void setCheckSessionIFrame (String checkSessionIFrame)
 
String getEndSessionEndpoint ()
 
void setEndSessionEndpoint (String endSessionEndpoint)
 
String getJwksUri ()
 
void setJwksUri (String jwksUri)
 
String getRegistrationEndpoint ()
 
void setRegistrationEndpoint (String registrationEndpoint)
 
String getIntrospectionEndpoint ()
 
void setIntrospectionEndpoint (String p_introspectionEndpoint)
 
Map< String, List< String > > getScopeToClaimsMapping ()
 
void setScopeToClaimsMapping (Map< String, List< String >> p_scopeToClaimsMapping)
 
String getIdGenEndpoint ()
 
void setIdGenEndpoint (String p_idGenEndpoint)
 
String getConfigurationEndpoint ()
 
void setConfigurationEndpoint (String configurationEndpoint)
 
void startSelenium ()
 
void stopSelenium ()
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies, boolean useNewDriver)
 
AuthorizationResponse authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies, boolean useNewDriver, int authzSteps)
 
AuthorizationResponse authenticateResourceOwnerAndDenyAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
 
AuthorizationResponse authorizationRequestAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
AuthorizationResponse authorizationRequestAndDenyAccess (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
AuthorizationResponse authenticateResourceOwner (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)
 
String waitForResourceOwnerAndGrantLoginForm (String authorizeUrl, AuthorizationRequest authorizationRequest, boolean cleanupCookies)
 
String waitForResourceOwnerAndGrantLoginForm (String authorizeUrl, AuthorizationRequest authorizationRequest)
 
void discovery (ITestContext context) throws Exception
 
void showTitle (String title)
 
void showTitle (String title)
 
void showEntity (String entity)
 
void showResponse (String title, Response response)
 

静的公開メンバ関数

static void showClient (BaseClient client)
 
static void showClient (BaseClient client, CookieStore cookieStore)
 
static void showClientUserAgent (BaseClient client)
 
static void assertErrorResponse (BaseResponseWithErrors p_response, IErrorType p_errorType)
 
static DefaultHttpClient createHttpClient ()
 
static DefaultHttpClient createHttpClient (HostnameVerifierType p_verifierType)
 
static ClientExecutor clientExecutor () throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static ClientExecutor clientExecutor (boolean trustAll) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static HttpClient createHttpClientTrustAll () throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
 
static void showResponse (String title, Response response, Object entity)
 
static void fails (Throwable e)
 
static void output (String p_msg)
 
static Archive<?> createDeployment ()
 

静的公開変数類

static FileConfiguration testData
 

限定公開変数類

WebDriver driver
 
String authorizationEndpoint
 
String authorizationPageEndpoint
 
String gluuConfigurationEndpoint
 
String tokenEndpoint
 
String userInfoEndpoint
 
String clientInfoEndpoint
 
String checkSessionIFrame
 
String endSessionEndpoint
 
String jwksUri
 
String registrationEndpoint
 
String configurationEndpoint
 
String idGenEndpoint
 
String introspectionEndpoint
 
Map< String, List< String > > scopeToClaimsMapping
 

詳解

著者
Javier Rojas Blum
バージョン
August 29, 2017

関数詳解

◆ assertErrorResponse()

static void org.xdi.oxauth.BaseTest.assertErrorResponse ( BaseResponseWithErrors  p_response,
IErrorType  p_errorType 
)
inlinestaticinherited
787  {
788  assertEquals(p_response.getStatus(), 400, "Unexpected response code. Entity: " + p_response.getEntity());
789  assertNotNull(p_response.getEntity(), "The entity is null");
790  assertEquals(p_response.getErrorType(), p_errorType);
791  assertTrue(StringUtils.isNotBlank(p_response.getErrorDescription()));
792  }
org.xdi.oxauth.client.BaseResponseWithErrors.getErrorType
T getErrorType()
Definition: BaseResponseWithErrors.java:48
org.xdi.oxauth.client.BaseResponse.getEntity
String getEntity()
Definition: BaseResponse.java:85
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.BaseResponseWithErrors.getErrorDescription
String getErrorDescription()
Definition: BaseResponseWithErrors.java:40

◆ authenticateResourceOwner()

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwner ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) No authorization page.

556  {
557  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
558 
559  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
560  authorizeClient.setRequest(authorizationRequest);
561 
562  System.out.println("authenticateResourceOwner: authorizationRequestUrl:" + authorizationRequestUrl);
563  startSelenium();
564  if (cleanupCookies) {
565  System.out.println("authenticateResourceOwner: Cleaning cookies");
566  deleteAllCookies();
567  }
568 // try {
569  driver.navigate().to(authorizationRequestUrl);
570 // } catch (WebDriverException ex) {
571 // if (ex.getCause() instanceof ScriptException) {
572 // System.out.println("authenticateResourceOwner: Script error: " + ex.getMessage());
573 // } else {
574 // throw ex;
575 // }
576 // }
577 
578  if (userSecret != null) {
579  if (userId != null) {
580  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
581  usernameElement.sendKeys(userId);
582  }
583 
584  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
585  passwordElement.sendKeys(userSecret);
586 
587  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
588 
589  loginButton.click();
590  }
591 
592  String authorizationResponseStr = driver.getCurrentUrl();
593 
594  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
595  String sessionState = null;
596  if (sessionStateCookie != null) {
597  sessionState = sessionStateCookie.getValue();
598  }
599  System.out.println("authenticateResourceOwner: sessionState:" + sessionState);
600 
601  stopSelenium();
602 
603  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
604  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
605  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
606  }
607  authorizeClient.setResponse(authorizationResponse);
608  showClientUserAgent(authorizeClient);
609 
610  return authorizationResponse;
611  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.deleteAllCookies
void deleteAllCookies()
Definition: BaseTest.java:661
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authenticateResourceOwnerAndDenyAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndDenyAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret 
)
inlineinherited
408  {
409  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
410 
411  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
412  authorizeClient.setRequest(authorizationRequest);
413 
414  System.out.println("authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:" + authorizationRequestUrl);
415  startSelenium();
416  driver.navigate().to(authorizationRequestUrl);
417 
418  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
419  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
420  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
421 
422  if (userId != null) {
423  usernameElement.sendKeys(userId);
424  }
425  passwordElement.sendKeys(userSecret);
426  loginButton.click();
427 
428  String authorizationResponseStr = driver.getCurrentUrl();
429 
430  WebElement doNotAllowButton = driver.findElement(By.id(authorizeFormDoNotAllowButton));
431 
432  final String previousURL = driver.getCurrentUrl();
433  doNotAllowButton.click();
434  WebDriverWait wait = new WebDriverWait(driver, 10);
435  wait.until(new ExpectedCondition<Boolean>() {
436  public Boolean apply(WebDriver d) {
437  return (d.getCurrentUrl() != previousURL);
438  }
439  });
440 
441  authorizationResponseStr = driver.getCurrentUrl();
442 
443  Cookie sessionIdCookie = driver.manage().getCookieNamed("session_id");
444  String sessionId = null;
445  if (sessionIdCookie != null) {
446  sessionId = sessionIdCookie.getValue();
447  }
448  System.out.println("authenticateResourceOwnerAndDenyAccess: sessionId:" + sessionId);
449 
450  stopSelenium();
451 
452  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
453  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
454  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
455  }
456  authorizationResponse.setSessionId(sessionId);
457  authorizeClient.setResponse(authorizationResponse);
458  showClientUserAgent(authorizeClient);
459 
460  return authorizationResponse;
461  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.AuthorizationResponse.setSessionId
void setSessionId(String p_sessionId)
Definition: AuthorizationResponse.java:212
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authenticateResourceOwnerAndGrantAccess() [1/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

253  {
254  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, true);
255  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [2/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

262  {
263  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, cleanupCookies, false);
264  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [3/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies,
boolean  useNewDriver 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

272  {
273  return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, cleanupCookies, useNewDriver, 1);
274  }
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252

◆ authenticateResourceOwnerAndGrantAccess() [4/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
String  userId,
String  userSecret,
boolean  cleanupCookies,
boolean  useNewDriver,
int  authzSteps 
)
inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

282  {
283  WebDriver currentDriver = initWebDriver(useNewDriver, cleanupCookies);
284 
285  AuthorizeClient authorizeClient = processAuthentication(currentDriver, authorizeUrl, authorizationRequest,
286  userId, userSecret);
287 
288  int remainAuthzSteps = authzSteps;
289 
290  String authorizationResponseStr = null;
291  do {
292  authorizationResponseStr = acceptAuthorization(currentDriver);
293  remainAuthzSteps--;
294  } while (remainAuthzSteps >= 1);
295 
296  AuthorizationResponse authorizationResponse = buildAuthorizationResponse(authorizationRequest, useNewDriver,
297  currentDriver, authorizeClient, authorizationResponseStr);
298 
299  stopWebDriver(useNewDriver, currentDriver);
300 
301  return authorizationResponse;
302  }
org.xdi.oxauth.BaseTest.buildAuthorizationResponse
AuthorizationResponse buildAuthorizationResponse(AuthorizationRequest authorizationRequest, boolean useNewDriver, WebDriver currentDriver, AuthorizeClient authorizeClient, String authorizationResponseStr)
Definition: BaseTest.java:387
org.xdi.oxauth.BaseTest.acceptAuthorization
String acceptAuthorization(WebDriver currentDriver)
Definition: BaseTest.java:358
org.xdi.oxauth.BaseTest.processAuthentication
AuthorizeClient processAuthentication(WebDriver currentDriver, String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:330
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.BaseTest.initWebDriver
WebDriver initWebDriver(boolean useNewDriver, boolean cleanupCookies)
Definition: BaseTest.java:304
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.BaseTest.stopWebDriver
void stopWebDriver(boolean useNewDriver, WebDriver currentDriver)
Definition: BaseTest.java:321

◆ authorizationRequestAndDenyAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authorizationRequestAndDenyAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited
509  {
510  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
511 
512  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
513  authorizeClient.setRequest(authorizationRequest);
514 
515  System.out.println("authorizationRequestAndDenyAccess: authorizationRequestUrl:" + authorizationRequestUrl);
516  startSelenium();
517  driver.navigate().to(authorizationRequestUrl);
518 
519  WebElement doNotAllowButton = driver.findElement(By.id(authorizeFormDoNotAllowButton));
520 
521  final String previousURL = driver.getCurrentUrl();
522  doNotAllowButton.click();
523  WebDriverWait wait = new WebDriverWait(driver, 10);
524  wait.until(new ExpectedCondition<Boolean>() {
525  public Boolean apply(WebDriver d) {
526  return (d.getCurrentUrl() != previousURL);
527  }
528  });
529 
530  String authorizationResponseStr = driver.getCurrentUrl();
531 
532  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
533  String sessionState = null;
534  if (sessionStateCookie != null) {
535  sessionState = sessionStateCookie.getValue();
536  }
537  System.out.println("authorizationRequestAndDenyAccess: sessionState:" + sessionState);
538 
539  stopSelenium();
540 
541  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
542  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
543  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
544  }
545  authorizeClient.setResponse(authorizationResponse);
546  showClientUserAgent(authorizeClient);
547 
548  return authorizationResponse;
549  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ authorizationRequestAndGrantAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authorizationRequestAndGrantAccess ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited
464  {
465  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
466 
467  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
468  authorizeClient.setRequest(authorizationRequest);
469 
470  System.out.println("authorizationRequestAndGrantAccess: authorizationRequestUrl:" + authorizationRequestUrl);
471  startSelenium();
472  driver.navigate().to(authorizationRequestUrl);
473 
474  String authorizationResponseStr = driver.getCurrentUrl();
475 
476  WebElement allowButton = driver.findElement(By.id(authorizeFormAllowButton));
477 
478  final String previousURL = driver.getCurrentUrl();
479  allowButton.click();
480  WebDriverWait wait = new WebDriverWait(driver, 10);
481  wait.until(new ExpectedCondition<Boolean>() {
482  public Boolean apply(WebDriver d) {
483  return (d.getCurrentUrl() != previousURL);
484  }
485  });
486 
487  authorizationResponseStr = driver.getCurrentUrl();
488 
489  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
490  String sessionState = null;
491  if (sessionStateCookie != null) {
492  sessionState = sessionStateCookie.getValue();
493  }
494  System.out.println("authorizationRequestAndGrantAccess: sessionState:" + sessionState);
495 
496  stopSelenium();
497 
498  AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
499  if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
500  authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
501  }
502  authorizeClient.setResponse(authorizationResponse);
503  showClientUserAgent(authorizeClient);
504 
505  return authorizationResponse;
506  }
org.xdi.oxauth.model.common.ResponseMode.FORM_POST
FORM_POST
Definition: ResponseMode.java:33
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.common.ResponseMode
Definition: ResponseMode.java:16
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.client.AuthorizationRequest.getRedirectUri
String getRedirectUri()
Definition: AuthorizationRequest.java:184
org.xdi.oxauth.client.AuthorizationResponse.setResponseMode
void setResponseMode(ResponseMode responseMode)
Definition: AuthorizationResponse.java:228
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseClient.setResponse
void setResponse(V response)
Definition: BaseClient.java:76
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783
org.xdi.oxauth.BaseTest.authorizeFormAllowButton
String authorizeFormAllowButton
Definition: BaseTest.java:91

◆ clientExecutor() [1/2]

static ClientExecutor org.xdi.oxauth.BaseTest.clientExecutor ( ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
822  {
823  return clientExecutor(false);
824  }
org.xdi.oxauth.BaseTest.clientExecutor
static ClientExecutor clientExecutor()
Definition: BaseTest.java:822

◆ clientExecutor() [2/2]

static ClientExecutor org.xdi.oxauth.BaseTest.clientExecutor ( boolean  trustAll) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
826  {
827  if (trustAll) {
828  return new ApacheHttpClient4Executor(createHttpClientTrustAll());
829  }
830  return ClientRequest.getDefaultExecutor();
831  }
org.xdi.oxauth.BaseTest.createHttpClientTrustAll
static HttpClient createHttpClientTrustAll()
Definition: BaseTest.java:833

◆ createDeployment()

static Archive<?> org.xdi.oxauth.ConfigurableTest.createDeployment ( )
inlinestaticinherited
40  {
41  return Deployments.createDeployment();
42  }

◆ createHttpClient() [1/2]

static DefaultHttpClient org.xdi.oxauth.BaseTest.createHttpClient ( )
inlinestaticinherited
794  {
795  return createHttpClient(HostnameVerifierType.DEFAULT);
796  }
org.xdi.oxauth.BaseTest.createHttpClient
static DefaultHttpClient createHttpClient()
Definition: BaseTest.java:794

◆ createHttpClient() [2/2]

static DefaultHttpClient org.xdi.oxauth.BaseTest.createHttpClient ( HostnameVerifierType  p_verifierType)
inlinestaticinherited
798  {
799  if (p_verifierType != null && p_verifierType != HostnameVerifierType.DEFAULT) {
800  switch (p_verifierType) {
801  case ALLOW_ALL:
802  HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
803 
804  DefaultHttpClient client = new DefaultHttpClient();
805 
806  SchemeRegistry registry = new SchemeRegistry();
807  SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
808  socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
809  registry.register(new Scheme("https", socketFactory, 443));
810  SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
811 
812  // Set verifier
813  HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
814  return new DefaultHttpClient(mgr, client.getParams());
815  case DEFAULT:
816  return new DefaultHttpClient();
817  }
818  }
819  return new DefaultHttpClient();
820  }

◆ createHttpClientTrustAll()

static HttpClient org.xdi.oxauth.BaseTest.createHttpClientTrustAll ( ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
inlinestaticinherited
833  {
834  SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() {
835  @Override
836  public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
837  return true;
838  }
839  }, new AllowAllHostnameVerifier());
840 
841  SchemeRegistry registry = new SchemeRegistry();
842  registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory()));
843  registry.register(new Scheme("https", 443, sf));
844  ClientConnectionManager ccm = new PoolingClientConnectionManager(registry);
845  return new DefaultHttpClient(ccm);
846  }

◆ discovery()

void org.xdi.oxauth.BaseTest.discovery ( ITestContext  context) throws Exception
inlineinherited
670  {
671  // Load Form Interaction
672  loginFormUsername = context.getCurrentXmlTest().getParameter("loginFormUsername");
673  loginFormPassword = context.getCurrentXmlTest().getParameter("loginFormPassword");
674  loginFormLoginButton = context.getCurrentXmlTest().getParameter("loginFormLoginButton");
675  authorizeFormAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormAllowButton");
676  authorizeFormDoNotAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormDoNotAllowButton");
677 
678  String resource = context.getCurrentXmlTest().getParameter("swdResource");
679 
680  if (StringUtils.isNotBlank(resource)) {
681 
682  showTitle("OpenID Connect Discovery");
683 
684  OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(resource);
685  OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec(clientExecutor(true));
686 
687  showClient(openIdConnectDiscoveryClient);
688  assertEquals(openIdConnectDiscoveryResponse.getStatus(), 200, "Unexpected response code");
689  assertNotNull(openIdConnectDiscoveryResponse.getSubject());
690  assertTrue(openIdConnectDiscoveryResponse.getLinks().size() > 0);
691 
692  configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() +
693  "/.well-known/openid-configuration";
694 
695  System.out.println("OpenID Connect Configuration");
696 
697  OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
698  client.setExecutor(clientExecutor(true));
699  OpenIdConfigurationResponse response = client.execOpenIdConfiguration();
700 
701  showClient(client);
702  assertEquals(response.getStatus(), 200, "Unexpected response code");
703  assertNotNull(response.getIssuer(), "The issuer is null");
704  assertNotNull(response.getAuthorizationEndpoint(), "The authorizationEndpoint is null");
705  assertNotNull(response.getTokenEndpoint(), "The tokenEndpoint is null");
706  assertNotNull(response.getUserInfoEndpoint(), "The userInfoEndPoint is null");
707  assertNotNull(response.getJwksUri(), "The jwksUri is null");
708  assertNotNull(response.getRegistrationEndpoint(), "The registrationEndpoint is null");
709 
710  assertTrue(response.getScopesSupported().size() > 0, "The scopesSupported is empty");
711  assertTrue(response.getScopeToClaimsMapping().size() > 0, "The scope to claims mapping is empty");
712  assertTrue(response.getResponseTypesSupported().size() > 0, "The responseTypesSupported is empty");
713  assertTrue(response.getGrantTypesSupported().size() > 0, "The grantTypesSupported is empty");
714  assertTrue(response.getAcrValuesSupported().size() >= 0, "The acrValuesSupported is empty");
715  assertTrue(response.getSubjectTypesSupported().size() > 0, "The subjectTypesSupported is empty");
716  assertTrue(response.getIdTokenSigningAlgValuesSupported().size() > 0, "The idTokenSigningAlgValuesSupported is empty");
717  assertTrue(response.getRequestObjectSigningAlgValuesSupported().size() > 0, "The requestObjectSigningAlgValuesSupported is empty");
718  assertTrue(response.getTokenEndpointAuthMethodsSupported().size() > 0, "The tokenEndpointAuthMethodsSupported is empty");
719  assertTrue(response.getClaimsSupported().size() > 0, "The claimsSupported is empty");
720 
721  authorizationEndpoint = response.getAuthorizationEndpoint();
722  tokenEndpoint = response.getTokenEndpoint();
723  userInfoEndpoint = response.getUserInfoEndpoint();
724  clientInfoEndpoint = response.getClientInfoEndpoint();
725  checkSessionIFrame = response.getCheckSessionIFrame();
726  endSessionEndpoint = response.getEndSessionEndpoint();
727  jwksUri = response.getJwksUri();
728  registrationEndpoint = response.getRegistrationEndpoint();
729  idGenEndpoint = response.getIdGenerationEndpoint();
730  introspectionEndpoint = response.getIntrospectionEndpoint();
731  scopeToClaimsMapping = response.getScopeToClaimsMapping();
732  gluuConfigurationEndpoint = determineGluuConfigurationEndpoint(openIdConnectDiscoveryResponse.getLinks().get(0).getHref());
733  } else {
734  showTitle("Loading configuration endpoints from properties file");
735 
736  authorizationEndpoint = context.getCurrentXmlTest().getParameter("authorizationEndpoint");
737  tokenEndpoint = context.getCurrentXmlTest().getParameter("tokenEndpoint");
738  userInfoEndpoint = context.getCurrentXmlTest().getParameter("userInfoEndpoint");
739  clientInfoEndpoint = context.getCurrentXmlTest().getParameter("clientInfoEndpoint");
740  checkSessionIFrame = context.getCurrentXmlTest().getParameter("checkSessionIFrame");
741  endSessionEndpoint = context.getCurrentXmlTest().getParameter("endSessionEndpoint");
742  jwksUri = context.getCurrentXmlTest().getParameter("jwksUri");
743  registrationEndpoint = context.getCurrentXmlTest().getParameter("registrationEndpoint");
744  configurationEndpoint = context.getCurrentXmlTest().getParameter("configurationEndpoint");
745  idGenEndpoint = context.getCurrentXmlTest().getParameter("idGenEndpoint");
746  introspectionEndpoint = context.getCurrentXmlTest().getParameter("introspectionEndpoint");
747  scopeToClaimsMapping = new HashMap<String, List<String>>();
748  }
749 
750  authorizationPageEndpoint = determineAuthorizationPageEndpoint(authorizationEndpoint);
751  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIntrospectionEndpoint
String getIntrospectionEndpoint()
Definition: OpenIdConfigurationResponse.java:343
org.xdi.oxauth.client.OpenIdConfigurationResponse.getTokenEndpointAuthMethodsSupported
List< String > getTokenEndpointAuthMethodsSupported()
Definition: OpenIdConfigurationResponse.java:642
org.xdi.oxauth.BaseTest.determineAuthorizationPageEndpoint
String determineAuthorizationPageEndpoint(String authorizationEndpoint)
Definition: BaseTest.java:753
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.OpenIdConfigurationResponse.getRegistrationEndpoint
String getRegistrationEndpoint()
Definition: OpenIdConfigurationResponse.java:310
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77
org.xdi.oxauth.client.OpenIdConfigurationResponse.getCheckSessionIFrame
String getCheckSessionIFrame()
Definition: OpenIdConfigurationResponse.java:248
org.xdi.oxauth.BaseTest.authorizationPageEndpoint
String authorizationPageEndpoint
Definition: BaseTest.java:73
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIdGenerationEndpoint
String getIdGenerationEndpoint()
Definition: OpenIdConfigurationResponse.java:327
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.client.OpenIdConfigurationResponse.getRequestObjectSigningAlgValuesSupported
List< String > getRequestObjectSigningAlgValuesSupported()
Definition: OpenIdConfigurationResponse.java:579
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82
org.xdi.oxauth.client.OpenIdConfigurationResponse.getSubjectTypesSupported
List< String > getSubjectTypesSupported()
Definition: OpenIdConfigurationResponse.java:438
org.xdi.oxauth.client.OpenIdConfigurationResponse.getEndSessionEndpoint
String getEndSessionEndpoint()
Definition: OpenIdConfigurationResponse.java:268
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75
org.xdi.oxauth.BaseTest.authorizeFormDoNotAllowButton
String authorizeFormDoNotAllowButton
Definition: BaseTest.java:92
org.xdi.oxauth.client.OpenIdConfigurationResponse.getAcrValuesSupported
List< String > getAcrValuesSupported()
Definition: OpenIdConfigurationResponse.java:418
org.xdi.oxauth.client.OpenIdConfigurationResponse.getClientInfoEndpoint
String getClientInfoEndpoint()
Definition: OpenIdConfigurationResponse.java:228
org.xdi.oxauth.client.OpenIdConfigurationResponse.getGrantTypesSupported
List< String > getGrantTypesSupported()
Definition: OpenIdConfigurationResponse.java:398
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78
org.xdi.oxauth.client.BaseClient.setExecutor
void setExecutor(ClientExecutor executor)
Definition: BaseClient.java:84
org.xdi.oxauth.client.OpenIdConfigurationClient.execOpenIdConfiguration
OpenIdConfigurationResponse execOpenIdConfiguration()
Definition: OpenIdConfigurationClient.java:47
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.BaseTest.gluuConfigurationEndpoint
String gluuConfigurationEndpoint
Definition: BaseTest.java:74
org.xdi.oxauth.client.OpenIdConfigurationResponse.getScopeToClaimsMapping
Map< String, List< String > > getScopeToClaimsMapping()
Definition: OpenIdConfigurationResponse.java:136
org.xdi.oxauth.client.OpenIdConfigurationResponse.getJwksUri
String getJwksUri()
Definition: OpenIdConfigurationResponse.java:289
org.xdi.oxauth.client.OpenIdConfigurationResponse.getTokenEndpoint
String getTokenEndpoint()
Definition: OpenIdConfigurationResponse.java:192
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIdTokenSigningAlgValuesSupported
List< String > getIdTokenSigningAlgValuesSupported()
Definition: OpenIdConfigurationResponse.java:519
org.xdi.oxauth.client.OpenIdConnectDiscoveryClient
Definition: OpenIdConnectDiscoveryClient.java:29
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.OpenIdConfigurationResponse.getResponseTypesSupported
List< String > getResponseTypesSupported()
Definition: OpenIdConfigurationResponse.java:378
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse.getSubject
String getSubject()
Definition: OpenIdConnectDiscoveryResponse.java:32
org.xdi.oxauth.client.OpenIdConfigurationResponse.getScopesSupported
List< String > getScopesSupported()
Definition: OpenIdConfigurationResponse.java:360
org.xdi.oxauth.BaseTest.determineGluuConfigurationEndpoint
String determineGluuConfigurationEndpoint(String host)
Definition: BaseTest.java:757
org.xdi.oxauth.client.OpenIdConnectDiscoveryClient.exec
OpenIdConnectDiscoveryResponse exec()
Definition: OpenIdConnectDiscoveryClient.java:47
org.xdi.oxauth.client.OpenIdConfigurationResponse.getAuthorizationEndpoint
String getAuthorizationEndpoint()
Definition: OpenIdConfigurationResponse.java:174
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76
org.xdi.oxauth.client.OpenIdConfigurationClient
Definition: OpenIdConfigurationClient.java:27
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse.getLinks
List< WebFingerLink > getLinks()
Definition: OpenIdConnectDiscoveryResponse.java:40
org.xdi.oxauth.client.OpenIdConfigurationResponse.getClaimsSupported
List< String > getClaimsSupported()
Definition: OpenIdConfigurationResponse.java:728
org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse
Definition: OpenIdConnectDiscoveryResponse.java:17
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.client.OpenIdConfigurationResponse.getUserInfoEndpoint
String getUserInfoEndpoint()
Definition: OpenIdConfigurationResponse.java:210
org.xdi.oxauth.client.OpenIdConfigurationResponse
Definition: OpenIdConfigurationResponse.java:26
org.xdi.oxauth.BaseTest.clientExecutor
static ClientExecutor clientExecutor()
Definition: BaseTest.java:822
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85
org.xdi.oxauth.BaseTest.authorizeFormAllowButton
String authorizeFormAllowButton
Definition: BaseTest.java:91
org.xdi.oxauth.client.OpenIdConfigurationResponse.getIssuer
String getIssuer()
Definition: OpenIdConfigurationResponse.java:156

◆ fails()

static void org.xdi.oxauth.BaseTest.fails ( Throwable  e)
inlinestaticinherited
50  {
51  Assert.fail(e.getMessage(), e);
52  }

◆ getAuthorizationEndpoint()

String org.xdi.oxauth.BaseTest.getAuthorizationEndpoint ( )
inlineinherited
134  {
135  return authorizationEndpoint;
136  }
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72

◆ getCheckSessionIFrame()

String org.xdi.oxauth.BaseTest.getCheckSessionIFrame ( )
inlineinherited
166  {
167  return checkSessionIFrame;
168  }
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78

◆ getClientInfoEndpoint()

String org.xdi.oxauth.BaseTest.getClientInfoEndpoint ( )
inlineinherited
158  {
159  return clientInfoEndpoint;
160  }
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77

◆ getConfigurationEndpoint()

String org.xdi.oxauth.BaseTest.getConfigurationEndpoint ( )
inlineinherited
222  {
223  return configurationEndpoint;
224  }
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82

◆ getDriver()

WebDriver org.xdi.oxauth.BaseTest.getDriver ( )
inlineinherited
126  {
127  return driver;
128  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ getEndSessionEndpoint()

String org.xdi.oxauth.BaseTest.getEndSessionEndpoint ( )
inlineinherited
174  {
175  return endSessionEndpoint;
176  }
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79

◆ getIdGenEndpoint()

String org.xdi.oxauth.BaseTest.getIdGenEndpoint ( )
inlineinherited
214  {
215  return idGenEndpoint;
216  }
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83

◆ getIntrospectionEndpoint()

String org.xdi.oxauth.BaseTest.getIntrospectionEndpoint ( )
inlineinherited
198  {
199  return introspectionEndpoint;
200  }
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84

◆ getJwksUri()

String org.xdi.oxauth.BaseTest.getJwksUri ( )
inlineinherited
182  {
183  return jwksUri;
184  }
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80

◆ getMessageDigestSHA256()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.getMessageDigestSHA256 ( )
inline
961  {
962  showTitle("sha256");
963 
964  try {
965  String input = "The quick brown fox jumps over the lazy dog";
966  System.out.println("Input: " + input);
967 
968  byte[] digest = JwtUtil.getMessageDigestSHA256(input);
969 
970  BigInteger result = new BigInteger(1, digest);
971  BigInteger expectedResult = new BigInteger("d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592", 16);
972 
973  System.out.println("Result : " + result);
974  System.out.println("Expected: " + expectedResult);
975 
976  assertEquals(result, expectedResult);
977  } catch (NoSuchProviderException e) {
978  e.printStackTrace();
979  fail(e.getMessage());
980  } catch (NoSuchAlgorithmException e) {
981  e.printStackTrace();
982  fail(e.getMessage());
983  } catch (UnsupportedEncodingException e) {
984  e.printStackTrace();
985  fail(e.getMessage());
986  }
987  }
org.xdi.oxauth.model.util.JwtUtil
Definition: JwtUtil.java:38
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.util.JwtUtil.getMessageDigestSHA256
static byte [] getMessageDigestSHA256(String data)
Definition: JwtUtil.java:69

◆ getMessageDigestSHA384()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.getMessageDigestSHA384 ( )
inline
990  {
991  showTitle("sha384");
992 
993  try {
994  String input = "The quick brown fox jumps over the lazy dog";
995  System.out.println("Input: " + input);
996 
997  byte[] digest = JwtUtil.getMessageDigestSHA384(input);
998 
999  BigInteger result = new BigInteger(1, digest);
1000  BigInteger expectedResult = new BigInteger("ca737f1014a48f4c0b6dd43cb177b0afd9e5169367544c494011e3317dbf9a509cb1e5dc1e85a941bbee3d7f2afbc9b1", 16);
1001 
1002  System.out.println("Result : " + result);
1003  System.out.println("Expected : " + expectedResult);
1004 
1005  assertEquals(result, expectedResult);
1006  } catch (NoSuchProviderException e) {
1007  e.printStackTrace();
1008  fail(e.getMessage());
1009  } catch (NoSuchAlgorithmException e) {
1010  e.printStackTrace();
1011  fail(e.getMessage());
1012  } catch (UnsupportedEncodingException e) {
1013  e.printStackTrace();
1014  fail(e.getMessage());
1015  }
1016  }
org.xdi.oxauth.model.util.JwtUtil
Definition: JwtUtil.java:38
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.util.JwtUtil.getMessageDigestSHA384
static byte [] getMessageDigestSHA384(String data)
Definition: JwtUtil.java:75

◆ getMessageDigestSHA512()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.getMessageDigestSHA512 ( )
inline
1019  {
1020  showTitle("sha512");
1021 
1022  try {
1023  String input = "The quick brown fox jumps over the lazy dog";
1024  System.out.println("Input: " + input);
1025 
1026  byte[] digest = JwtUtil.getMessageDigestSHA512(input);
1027 
1028  BigInteger result = new BigInteger(1, digest);
1029  BigInteger expectedResult = new BigInteger("07e547d9586f6a73f73fbac0435ed76951218fb7d0c8d788a309d785436bbb642e93a252a954f23912547d1e8a3b5ed6e1bfd7097821233fa0538f3db854fee6", 16);
1030 
1031  System.out.println("Result : " + result);
1032  System.out.println("Expected : " + expectedResult);
1033 
1034  assertEquals(result, expectedResult);
1035  } catch (NoSuchProviderException e) {
1036  e.printStackTrace();
1037  fail(e.getMessage());
1038  } catch (NoSuchAlgorithmException e) {
1039  e.printStackTrace();
1040  fail(e.getMessage());
1041  } catch (UnsupportedEncodingException e) {
1042  e.printStackTrace();
1043  fail(e.getMessage());
1044  }
1045  }
org.xdi.oxauth.model.util.JwtUtil
Definition: JwtUtil.java:38
org.xdi.oxauth.model.util.JwtUtil.getMessageDigestSHA512
static byte [] getMessageDigestSHA512(String data)
Definition: JwtUtil.java:81
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761

◆ getRegistrationEndpoint()

String org.xdi.oxauth.BaseTest.getRegistrationEndpoint ( )
inlineinherited
190  {
191  return registrationEndpoint;
192  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81

◆ getScopeToClaimsMapping()

Map<String, List<String> > org.xdi.oxauth.BaseTest.getScopeToClaimsMapping ( )
inlineinherited
206  {
207  return scopeToClaimsMapping;
208  }
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85

◆ getTokenEndpoint()

String org.xdi.oxauth.BaseTest.getTokenEndpoint ( )
inlineinherited
142  {
143  return tokenEndpoint;
144  }
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75

◆ getUserInfoEndpoint()

String org.xdi.oxauth.BaseTest.getUserInfoEndpoint ( )
inlineinherited
150  {
151  return userInfoEndpoint;
152  }
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76

◆ hs256()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.hs256 ( ) throws InvalidKeyException, NoSuchAlgorithmException
inline
742  {
743  try {
744  showTitle("hs256");
745 
746  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
747  String secret = "071d68a5-9eb0-47fb-8608-f54a0d9c8ede";
748 
749  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
750  String encodedSignature = cryptoProvider.sign(signingInput, null, secret, SignatureAlgorithm.HS256);
751 
752  System.out.println("Encoded Signature: " + encodedSignature);
753  assertEquals(encodedSignature, "BQwm1HCz0cjHYbulWMumkhZgyb2dD93uScXmC6Fv8Ik");
754  } catch (Exception e) {
755  fail(e.getMessage(), e);
756  }
757  }
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ hs384()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.hs384 ( ) throws InvalidKeyException, NoSuchAlgorithmException
inline
760  {
761  try {
762  showTitle("hs384");
763 
764  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
765  String secret = "071d68a5-9eb0-47fb-8608-f54a0d9c8ede";
766 
767  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
768  String encodedSignature = cryptoProvider.sign(signingInput, null, secret, SignatureAlgorithm.HS384);
769 
770  System.out.println("Encoded Signature: " + encodedSignature);
771  assertEquals(encodedSignature, "pe7gU1XxroqizSzucuHOor36L-M9_XPZ7KZcR6JW6xQAa2fmTLSDCc02fNER9atB");
772  } catch (Exception e) {
773  fail(e.getMessage(), e);
774  }
775  }
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS384
HS384
Definition: SignatureAlgorithm.java:24
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ hs512()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.hs512 ( ) throws InvalidKeyException, NoSuchAlgorithmException
inline
778  {
779  try {
780  showTitle("hs512");
781 
782  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
783  String secret = "071d68a5-9eb0-47fb-8608-f54a0d9c8ede";
784 
785  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
786  String encodedSignature = cryptoProvider.sign(signingInput, null, secret, SignatureAlgorithm.HS512);
787 
788  System.out.println("Encoded Signature: " + encodedSignature);
789  assertEquals(encodedSignature, "IZsXiRrRfP9eNFj6snm_MGEnrtfvX8vOF43Z-FuFkRj29y0WUaPR50IXRDI5uGatJvVdr_i7eJCJ4N_EwwrIhQ");
790  } catch (Exception e) {
791  fail(e.getMessage(), e);
792  }
793  }
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS512
HS512
Definition: SignatureAlgorithm.java:25
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ initTestSuite()

void org.xdi.oxauth.BaseTest.initTestSuite ( ITestContext  context) throws FileNotFoundException, IOException
inlineinherited
95  {
96  SecurityProviderUtility.installBCProvider();
97 
98  Reporter.log("Invoked init test suite method \n", true);
99 
100  String propertiesFile = context.getCurrentXmlTest().getParameter("propertiesFile");
101  if (StringHelper.isEmpty(propertiesFile)) {
102  propertiesFile = "target/test-classes/testng.properties";
103  //propertiesFile = "U:\\own\\project\\git\\oxAuth\\Client\\src\\test\\resources\\testng_yuriy.properties";
104  //propertiesFile = "/Users/JAVIER/IdeaProjects/oxAuth/Client/target/test-classes/testng.properties";
105  }
106 
107  FileInputStream conf = new FileInputStream(propertiesFile);
108  Properties prop = new Properties();
109  prop.load(conf);
110 
111  Map<String, String> parameters = new HashMap<String, String>();
112  for (Entry<Object, Object> entry : prop.entrySet()) {
113  Object key = entry.getKey();
114  Object value = entry.getValue();
115 
116  if (StringHelper.isEmptyString(key) || StringHelper.isEmptyString(value)) {
117  continue;
118  }
119  parameters.put(key.toString(), value.toString());
120  }
121 
122  // Overrided test paramters
123  context.getSuite().getXmlSuite().setParameters(parameters);
124  }

◆ output()

static void org.xdi.oxauth.BaseTest.output ( String  p_msg)
inlinestaticinherited
54  {
55  System.out.println(p_msg);
56  }

◆ printAlgorithmsAndProviders()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.printAlgorithmsAndProviders ( )
inline
735  {
736  showTitle("printAlgorithmsAndProviders");
737 
738  JwtUtil.printAlgorithmsAndProviders();
739  }
org.xdi.oxauth.model.util.JwtUtil
Definition: JwtUtil.java:38
org.xdi.oxauth.model.util.JwtUtil.printAlgorithmsAndProviders
static void printAlgorithmsAndProviders()
Definition: JwtUtil.java:42
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761

◆ requestAuthorizationIdTokenES256()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenES256 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
549  {
550  showTitle("requestAuthorizationIdTokenES256");
551 
552  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
553 
554  // 1. Registration
555  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
556  StringUtils.spaceSeparatedToList(redirectUris));
557  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
558  registerRequest.setResponseTypes(responseTypes);
559  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.ES256);
560  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
561 
562  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
563  registerClient.setRequest(registerRequest);
564  RegisterResponse registerResponse = registerClient.exec();
565 
566  showClient(registerClient);
567  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
568  assertNotNull(registerResponse.getClientId());
569  assertNotNull(registerResponse.getClientSecret());
570  assertNotNull(registerResponse.getRegistrationAccessToken());
571  assertNotNull(registerResponse.getClientSecretExpiresAt());
572 
573  String clientId = registerResponse.getClientId();
574 
575  // 2. Request Authorization
576  List<String> scopes = Arrays.asList(
577  "openid",
578  "profile",
579  "address",
580  "email");
581  String nonce = UUID.randomUUID().toString();
582  String state = UUID.randomUUID().toString();
583 
584  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
585  authorizationRequest.setState(state);
586 
587  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
588  authorizationEndpoint, authorizationRequest, userId, userSecret);
589 
590  assertNotNull(authorizationResponse.getLocation(), "The location is null");
591  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
592  assertNotNull(authorizationResponse.getState(), "The state is null");
593 
594  String idToken = authorizationResponse.getIdToken();
595 
596  // 3. Validate id_token
597  Jwt jwt = Jwt.parse(idToken);
598  String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
599  JwkClient jwkClient = new JwkClient(jwksUri);
600  JwkResponse jwkResponse = jwkClient.exec();
601 
602  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
603  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId,
604  jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.ES256);
605  assertTrue(validJwt);
606  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES256
ES256
Definition: SignatureAlgorithm.java:29
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenES384()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenES384 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
612  {
613  showTitle("requestAuthorizationIdTokenES384");
614 
615  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
616 
617  // 1. Registration
618  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
619  StringUtils.spaceSeparatedToList(redirectUris));
620  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
621  registerRequest.setResponseTypes(responseTypes);
622  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.ES384);
623  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
624 
625  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
626  registerClient.setRequest(registerRequest);
627  RegisterResponse registerResponse = registerClient.exec();
628 
629  showClient(registerClient);
630  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
631  assertNotNull(registerResponse.getClientId());
632  assertNotNull(registerResponse.getClientSecret());
633  assertNotNull(registerResponse.getRegistrationAccessToken());
634  assertNotNull(registerResponse.getClientSecretExpiresAt());
635 
636  String clientId = registerResponse.getClientId();
637 
638  // 2. Request Authorization
639  List<String> scopes = Arrays.asList(
640  "openid",
641  "profile",
642  "address",
643  "email");
644  String nonce = UUID.randomUUID().toString();
645  String state = UUID.randomUUID().toString();
646 
647  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
648  authorizationRequest.setState(state);
649 
650  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
651  authorizationEndpoint, authorizationRequest, userId, userSecret);
652 
653  assertNotNull(authorizationResponse.getLocation(), "The location is null");
654  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
655  assertNotNull(authorizationResponse.getState(), "The state is null");
656 
657  String idToken = authorizationResponse.getIdToken();
658 
659  // 3. Validate id_token
660  Jwt jwt = Jwt.parse(idToken);
661  String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
662  JwkClient jwkClient = new JwkClient(jwksUri);
663  JwkResponse jwkResponse = jwkClient.exec();
664 
665  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
666  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId,
667  jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.ES384);
668  assertTrue(validJwt);
669  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES384
ES384
Definition: SignatureAlgorithm.java:30
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenES512()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenES512 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
675  {
676  showTitle("requestAuthorizationIdTokenES512");
677 
678  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
679 
680  // 1. Registration
681  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
682  StringUtils.spaceSeparatedToList(redirectUris));
683  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
684  registerRequest.setResponseTypes(responseTypes);
685  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.ES512);
686  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
687 
688  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
689  registerClient.setRequest(registerRequest);
690  RegisterResponse registerResponse = registerClient.exec();
691 
692  showClient(registerClient);
693  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
694  assertNotNull(registerResponse.getClientId());
695  assertNotNull(registerResponse.getClientSecret());
696  assertNotNull(registerResponse.getRegistrationAccessToken());
697  assertNotNull(registerResponse.getClientSecretExpiresAt());
698 
699  String clientId = registerResponse.getClientId();
700 
701  // 2. Request Authorization
702  List<String> scopes = Arrays.asList(
703  "openid",
704  "profile",
705  "address",
706  "email");
707  String nonce = UUID.randomUUID().toString();
708  String state = UUID.randomUUID().toString();
709 
710  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
711  authorizationRequest.setState(state);
712 
713  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
714  authorizationEndpoint, authorizationRequest, userId, userSecret);
715 
716  assertNotNull(authorizationResponse.getLocation(), "The location is null");
717  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
718  assertNotNull(authorizationResponse.getState(), "The state is null");
719 
720  String idToken = authorizationResponse.getIdToken();
721 
722  // 3. Validate id_token
723  Jwt jwt = Jwt.parse(idToken);
724  String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
725  JwkClient jwkClient = new JwkClient(jwksUri);
726  JwkResponse jwkResponse = jwkClient.exec();
727 
728  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
729  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId,
730  jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.ES512);
731  assertTrue(validJwt);
732  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES512
ES512
Definition: SignatureAlgorithm.java:31
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenHS256()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenHS256 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
135  {
136  showTitle("requestAuthorizationIdTokenHS256");
137 
138  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
139 
140  // 1. Registration
141  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
142  StringUtils.spaceSeparatedToList(redirectUris));
143  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
144  registerRequest.setResponseTypes(responseTypes);
145  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.HS256);
146  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
147  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
148 
149  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
150  registerClient.setRequest(registerRequest);
151  RegisterResponse registerResponse = registerClient.exec();
152 
153  showClient(registerClient);
154  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
155  assertNotNull(registerResponse.getClientId());
156  assertNotNull(registerResponse.getClientSecret());
157  assertNotNull(registerResponse.getRegistrationAccessToken());
158  assertNotNull(registerResponse.getClientSecretExpiresAt());
159 
160  String clientId = registerResponse.getClientId();
161  String clientSecret = registerResponse.getClientSecret();
162 
163  // 2. Request Authorization
164  List<String> scopes = Arrays.asList(
165  "openid",
166  "profile",
167  "address",
168  "email");
169  String nonce = UUID.randomUUID().toString();
170  String state = UUID.randomUUID().toString();
171 
172  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
173  authorizationRequest.setState(state);
174  authorizationRequest.setAuthUsername(userId);
175  authorizationRequest.setAuthPassword(userSecret);
176  authorizationRequest.getPrompts().add(Prompt.NONE);
177 
178  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
179  authorizeClient.setRequest(authorizationRequest);
180  AuthorizationResponse authorizationResponse = authorizeClient.exec();
181 
182  showClient(authorizeClient);
183  assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
184  assertNotNull(authorizationResponse.getLocation(), "The location is null");
185  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
186  assertNotNull(authorizationResponse.getState(), "The state is null");
187 
188  String idToken = authorizationResponse.getIdToken();
189 
190  // 3. Validate id_token
191  Jwt jwt = Jwt.parse(idToken);
192 
193  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
194  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null,
195  null, clientSecret, SignatureAlgorithm.HS256);
196  assertTrue(validJwt);
197  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS256
HS256
Definition: SignatureAlgorithm.java:23
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenHS384()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenHS384 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
203  {
204  showTitle("requestAuthorizationIdTokenHS384");
205 
206  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
207 
208  // 1. Registration
209  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
210  StringUtils.spaceSeparatedToList(redirectUris));
211  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
212  registerRequest.setResponseTypes(responseTypes);
213  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.HS384);
214  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
215  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
216 
217  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
218  registerClient.setRequest(registerRequest);
219  RegisterResponse registerResponse = registerClient.exec();
220 
221  showClient(registerClient);
222  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
223  assertNotNull(registerResponse.getClientId());
224  assertNotNull(registerResponse.getClientSecret());
225  assertNotNull(registerResponse.getRegistrationAccessToken());
226  assertNotNull(registerResponse.getClientSecretExpiresAt());
227 
228  String clientId = registerResponse.getClientId();
229  String clientSecret = registerResponse.getClientSecret();
230 
231  // 2. Request Authorization
232  List<String> scopes = Arrays.asList(
233  "openid",
234  "profile",
235  "address",
236  "email");
237  String nonce = UUID.randomUUID().toString();
238  String state = UUID.randomUUID().toString();
239 
240  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
241  authorizationRequest.setState(state);
242  authorizationRequest.setAuthUsername(userId);
243  authorizationRequest.setAuthPassword(userSecret);
244  authorizationRequest.getPrompts().add(Prompt.NONE);
245 
246  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
247  authorizeClient.setRequest(authorizationRequest);
248  AuthorizationResponse authorizationResponse = authorizeClient.exec();
249 
250  showClient(authorizeClient);
251  assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
252  assertNotNull(authorizationResponse.getLocation(), "The location is null");
253  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
254  assertNotNull(authorizationResponse.getState(), "The state is null");
255 
256  String idToken = authorizationResponse.getIdToken();
257 
258  // 3. Validate id_token
259  Jwt jwt = Jwt.parse(idToken);
260 
261  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
262  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null,
263  null, clientSecret, SignatureAlgorithm.HS384);
264  assertTrue(validJwt);
265  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS384
HS384
Definition: SignatureAlgorithm.java:24
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenHS512()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenHS512 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
271  {
272  showTitle("requestAuthorizationIdTokenHS512");
273 
274  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
275 
276  // 1. Registration
277  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
278  StringUtils.spaceSeparatedToList(redirectUris));
279  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
280  registerRequest.setResponseTypes(responseTypes);
281  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.HS512);
282  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
283  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
284 
285  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
286  registerClient.setRequest(registerRequest);
287  RegisterResponse registerResponse = registerClient.exec();
288 
289  showClient(registerClient);
290  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
291  assertNotNull(registerResponse.getClientId());
292  assertNotNull(registerResponse.getClientSecret());
293  assertNotNull(registerResponse.getRegistrationAccessToken());
294  assertNotNull(registerResponse.getClientSecretExpiresAt());
295 
296  String clientId = registerResponse.getClientId();
297  String clientSecret = registerResponse.getClientSecret();
298 
299  // 2. Request Authorization
300  List<String> scopes = Arrays.asList(
301  "openid",
302  "profile",
303  "address",
304  "email");
305  String nonce = UUID.randomUUID().toString();
306  String state = UUID.randomUUID().toString();
307 
308  AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
309  request.setState(state);
310  request.setAuthUsername(userId);
311  request.setAuthPassword(userSecret);
312  request.getPrompts().add(Prompt.NONE);
313 
314  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
315  authorizeClient.setRequest(request);
316  AuthorizationResponse authorizationResponse = authorizeClient.exec();
317 
318  showClient(authorizeClient);
319  assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
320  assertNotNull(authorizationResponse.getLocation(), "The location is null");
321  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
322  assertNotNull(authorizationResponse.getState(), "The state is null");
323 
324  String idToken = authorizationResponse.getIdToken();
325 
326  // 3. Validate id_token
327  Jwt jwt = Jwt.parse(idToken);
328 
329  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
330  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null,
331  null, clientSecret, SignatureAlgorithm.HS512);
332  assertTrue(validJwt);
333  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.HS512
HS512
Definition: SignatureAlgorithm.java:25
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenNone()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenNone ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
49  {
50  showTitle("requestAuthorizationIdTokenNone");
51 
52  List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
53 
54  // 1. Registration
55  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
56  StringUtils.spaceSeparatedToList(redirectUris));
57  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
58  registerRequest.setResponseTypes(responseTypes);
59  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.NONE);
60  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
61 
62  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
63  registerClient.setRequest(registerRequest);
64  RegisterResponse registerResponse = registerClient.exec();
65 
66  showClient(registerClient);
67  assertEquals(registerResponse.getStatus(), 200);
68  assertNotNull(registerResponse.getClientId());
69  assertNotNull(registerResponse.getClientSecret());
70  assertNotNull(registerResponse.getRegistrationAccessToken());
71  assertNotNull(registerResponse.getClientSecretExpiresAt());
72 
73  String clientId = registerResponse.getClientId();
74  String clientSecret = registerResponse.getClientSecret();
75 
76  // 2. Request authorization and receive the authorization code.
77  List<String> scopes = Arrays.asList(
78  "openid",
79  "profile",
80  "address",
81  "email");
82  String nonce = UUID.randomUUID().toString();
83  String state = UUID.randomUUID().toString();
84 
85  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
86  authorizationRequest.setState(state);
87 
88  AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
89  authorizationEndpoint, authorizationRequest, userId, userSecret);
90 
91  assertNotNull(authorizationResponse.getLocation());
92  assertNotNull(authorizationResponse.getCode());
93  assertNotNull(authorizationResponse.getState());
94  assertNotNull(authorizationResponse.getScope());
95  assertNull(authorizationResponse.getIdToken());
96 
97  String scope = authorizationResponse.getScope();
98  String authorizationCode = authorizationResponse.getCode();
99 
100  // 3. Request access token using the authorization code.
101  TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
102  tokenRequest.setCode(authorizationCode);
103  tokenRequest.setRedirectUri(redirectUri);
104  tokenRequest.setAuthUsername(clientId);
105  tokenRequest.setAuthPassword(clientSecret);
106  tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
107 
108  TokenClient tokenClient = new TokenClient(tokenEndpoint);
109  tokenClient.setRequest(tokenRequest);
110  TokenResponse tokenResponse = tokenClient.exec();
111 
112  showClient(tokenClient);
113  assertEquals(tokenResponse.getStatus(), 200);
114  assertNotNull(tokenResponse.getEntity());
115  assertNotNull(tokenResponse.getAccessToken());
116  assertNotNull(tokenResponse.getExpiresIn());
117  assertNotNull(tokenResponse.getTokenType());
118  assertNotNull(tokenResponse.getRefreshToken());
119 
120  String idToken = tokenResponse.getIdToken();
121 
122  // 3. Validate id_token
123  Jwt jwt = Jwt.parse(idToken);
124 
125  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
126  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), null,
127  null, null, SignatureAlgorithm.NONE);
128  assertTrue(validJwt);
129  }
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.model.common.AuthenticationMethod.CLIENT_SECRET_BASIC
CLIENT_SECRET_BASIC
Definition: AuthenticationMethod.java:18
org.xdi.oxauth.client.AuthorizationResponse.getCode
String getCode()
Definition: AuthorizationResponse.java:167
org.xdi.oxauth.client.TokenClient
Definition: TokenClient.java:24
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.TokenResponse.getTokenType
TokenType getTokenType()
Definition: TokenResponse.java:107
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.common.GrantType
Definition: GrantType.java:23
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75
org.xdi.oxauth.client.TokenRequest
Definition: TokenRequest.java:34
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.TokenRequest.setRedirectUri
void setRedirectUri(String redirectUri)
Definition: TokenRequest.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.TokenResponse.getExpiresIn
Integer getExpiresIn()
Definition: TokenResponse.java:125
org.xdi.oxauth.model.common.GrantType.AUTHORIZATION_CODE
AUTHORIZATION_CODE
Definition: GrantType.java:33
org.xdi.oxauth.client.TokenResponse.getAccessToken
String getAccessToken()
Definition: TokenResponse.java:89
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.client.TokenResponse.getIdToken
String getIdToken()
Definition: TokenResponse.java:181
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.TokenResponse
Definition: TokenResponse.java:22
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.client.TokenClient.exec
TokenResponse exec()
Definition: TokenClient.java:218
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.NONE
NONE
Definition: SignatureAlgorithm.java:22
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.BaseRequest.setAuthenticationMethod
void setAuthenticationMethod(AuthenticationMethod authenticationMethod)
Definition: BaseRequest.java:78
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.AuthorizationResponse.getScope
String getScope()
Definition: AuthorizationResponse.java:277
org.xdi.oxauth.client.TokenRequest.setCode
void setCode(String code)
Definition: TokenRequest.java:143
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.common.AuthenticationMethod
Definition: AuthenticationMethod.java:12
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess
AuthorizationResponse authenticateResourceOwnerAndGrantAccess(String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)
Definition: BaseTest.java:252
org.xdi.oxauth.client.TokenResponse.getRefreshToken
String getRefreshToken()
Definition: TokenResponse.java:144
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenRS256()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenRS256 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
339  {
340  showTitle("requestAuthorizationIdTokenRS256");
341 
342  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
343 
344  // 1. Registration
345  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
346  StringUtils.spaceSeparatedToList(redirectUris));
347  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
348  registerRequest.setResponseTypes(responseTypes);
349  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.RS256);
350  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
351  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
352 
353  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
354  registerClient.setRequest(registerRequest);
355  RegisterResponse registerResponse = registerClient.exec();
356 
357  showClient(registerClient);
358  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
359  assertNotNull(registerResponse.getClientId());
360  assertNotNull(registerResponse.getClientSecret());
361  assertNotNull(registerResponse.getRegistrationAccessToken());
362  assertNotNull(registerResponse.getClientSecretExpiresAt());
363 
364  String clientId = registerResponse.getClientId();
365 
366  // 2. Request Authorization
367  List<String> scopes = Arrays.asList(
368  "openid",
369  "profile",
370  "address",
371  "email");
372  String nonce = UUID.randomUUID().toString();
373  String state = UUID.randomUUID().toString();
374 
375  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
376  authorizationRequest.setState(state);
377  authorizationRequest.setAuthUsername(userId);
378  authorizationRequest.setAuthPassword(userSecret);
379  authorizationRequest.getPrompts().add(Prompt.NONE);
380 
381  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
382  authorizeClient.setRequest(authorizationRequest);
383  AuthorizationResponse authorizationResponse = authorizeClient.exec();
384 
385  showClient(authorizeClient);
386  assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
387  assertNotNull(authorizationResponse.getLocation(), "The location is null");
388  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
389  assertNotNull(authorizationResponse.getState(), "The state is null");
390 
391  String idToken = authorizationResponse.getIdToken();
392 
393  // 3. Validate id_token
394  Jwt jwt = Jwt.parse(idToken);
395  String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
396  JwkClient jwkClient = new JwkClient(jwksUri);
397  JwkResponse jwkResponse = jwkClient.exec();
398 
399  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
400  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId,
401  jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS256);
402  assertTrue(validJwt);
403  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenRS384()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenRS384 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
409  {
410  showTitle("requestAuthorizationIdTokenRS384");
411 
412  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
413 
414  // 1. Registration
415  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
416  StringUtils.spaceSeparatedToList(redirectUris));
417  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
418  registerRequest.setResponseTypes(responseTypes);
419  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.RS384);
420  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
421  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
422 
423  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
424  registerClient.setRequest(registerRequest);
425  RegisterResponse registerResponse = registerClient.exec();
426 
427  showClient(registerClient);
428  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
429  assertNotNull(registerResponse.getClientId());
430  assertNotNull(registerResponse.getClientSecret());
431  assertNotNull(registerResponse.getRegistrationAccessToken());
432  assertNotNull(registerResponse.getClientSecretExpiresAt());
433 
434  String clientId = registerResponse.getClientId();
435 
436  // 2. Request Authorization
437  List<String> scopes = Arrays.asList(
438  "openid",
439  "profile",
440  "address",
441  "email");
442  String nonce = UUID.randomUUID().toString();
443  String state = UUID.randomUUID().toString();
444 
445  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
446  authorizationRequest.setState(state);
447  authorizationRequest.setAuthUsername(userId);
448  authorizationRequest.setAuthPassword(userSecret);
449  authorizationRequest.getPrompts().add(Prompt.NONE);
450 
451  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
452  authorizeClient.setRequest(authorizationRequest);
453  AuthorizationResponse authorizationResponse = authorizeClient.exec();
454 
455  showClient(authorizeClient);
456  assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
457  assertNotNull(authorizationResponse.getLocation(), "The location is null");
458  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
459  assertNotNull(authorizationResponse.getState(), "The state is null");
460 
461  String idToken = authorizationResponse.getIdToken();
462 
463  // 3. Validate id_token
464  Jwt jwt = Jwt.parse(idToken);
465  String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
466  JwkClient jwkClient = new JwkClient(jwksUri);
467  JwkResponse jwkResponse = jwkClient.exec();
468 
469  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
470  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId,
471  jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS384);
472  assertTrue(validJwt);
473  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS384
RS384
Definition: SignatureAlgorithm.java:27
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ requestAuthorizationIdTokenRS512()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.requestAuthorizationIdTokenRS512 ( final String  redirectUris,
final String  userId,
final String  userSecret,
final String  redirectUri,
final String  sectorIdentifierUri 
) throws Exception
inline
479  {
480  showTitle("requestAuthorizationIdTokenRS512");
481 
482  List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);
483 
484  // 1. Registration
485  RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
486  StringUtils.spaceSeparatedToList(redirectUris));
487  registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
488  registerRequest.setResponseTypes(responseTypes);
489  registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.RS512);
490  registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
491  registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
492 
493  RegisterClient registerClient = new RegisterClient(registrationEndpoint);
494  registerClient.setRequest(registerRequest);
495  RegisterResponse registerResponse = registerClient.exec();
496 
497  showClient(registerClient);
498  assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
499  assertNotNull(registerResponse.getClientId());
500  assertNotNull(registerResponse.getClientSecret());
501  assertNotNull(registerResponse.getRegistrationAccessToken());
502  assertNotNull(registerResponse.getClientSecretExpiresAt());
503 
504  String clientId = registerResponse.getClientId();
505 
506  // 2. Request Authorization
507  List<String> scopes = Arrays.asList(
508  "openid",
509  "profile",
510  "address",
511  "email");
512  String nonce = UUID.randomUUID().toString();
513  String state = UUID.randomUUID().toString();
514 
515  AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
516  authorizationRequest.setState(state);
517  authorizationRequest.setAuthUsername(userId);
518  authorizationRequest.setAuthPassword(userSecret);
519  authorizationRequest.getPrompts().add(Prompt.NONE);
520 
521  AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
522  authorizeClient.setRequest(authorizationRequest);
523  AuthorizationResponse authorizationResponse = authorizeClient.exec();
524 
525  showClient(authorizeClient);
526  assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
527  assertNotNull(authorizationResponse.getLocation(), "The location is null");
528  assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
529  assertNotNull(authorizationResponse.getState(), "The state is null");
530 
531  String idToken = authorizationResponse.getIdToken();
532 
533  // 3. Validate id_token
534  Jwt jwt = Jwt.parse(idToken);
535  String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
536  JwkClient jwkClient = new JwkClient(jwksUri);
537  JwkResponse jwkResponse = jwkClient.exec();
538 
539  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();
540  boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), keyId,
541  jwkResponse.getJwks().toJSONObject(), null, SignatureAlgorithm.RS512);
542  assertTrue(validJwt);
543  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.client.RegisterRequest.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(SignatureAlgorithm idTokenSignedResponseAlg)
Definition: RegisterRequest.java:556
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81
org.xdi.oxauth.client.RegisterClient
Definition: RegisterClient.java:34
org.xdi.oxauth.client.AuthorizationResponse.getIdToken
String getIdToken()
Definition: AuthorizationResponse.java:295
org.xdi.oxauth.model.jwt.JwtClaimSet.getClaimAsString
String getClaimAsString(String key)
Definition: JwtClaimSet.java:55
org.xdi.oxauth.model.jwt.Jwt.getSigningInput
String getSigningInput()
Definition: Jwt.java:46
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80
org.xdi.oxauth.client.BaseRequest.setAuthUsername
void setAuthUsername(String authUsername)
Definition: BaseRequest.java:62
org.xdi.oxauth.client.RegisterResponse
Definition: RegisterResponse.java:34
org.xdi.oxauth.client.AuthorizationRequest.getPrompts
List< Prompt > getPrompts()
Definition: AuthorizationRequest.java:275
org.xdi.oxauth.client.AuthorizationResponse.getState
String getState()
Definition: AuthorizationResponse.java:314
org.xdi.oxauth.client.AuthorizeClient.exec
AuthorizationResponse exec()
Definition: AuthorizeClient.java:167
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.client.RegisterRequest.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: RegisterRequest.java:504
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.BaseTest.showClient
static void showClient(BaseClient client)
Definition: BaseTest.java:775
org.xdi.oxauth.model.jwt.Jwt.getEncodedSignature
String getEncodedSignature()
Definition: Jwt.java:38
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.client.RegisterResponse.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: RegisterResponse.java:205
org.xdi.oxauth.client.RegisterClient.exec
RegisterResponse exec()
Definition: RegisterClient.java:76
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.BaseRequest.setAuthPassword
void setAuthPassword(String authPassword)
Definition: BaseRequest.java:70
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.RegisterResponse.getClientSecret
String getClientSecret()
Definition: RegisterResponse.java:160
org.xdi.oxauth.model.register.ApplicationType.WEB
WEB
Definition: ApplicationType.java:28
org.xdi.oxauth.model.common.Prompt.NONE
NONE
Definition: Prompt.java:27
org.xdi.oxauth.client.RegisterRequest.setContacts
void setContacts(List< String > contacts)
Definition: RegisterRequest.java:336
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.client.RegisterResponse.getClientId
String getClientId()
Definition: RegisterResponse.java:142
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.jwt.Jwt
Definition: Jwt.java:24
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.client.AuthorizationResponse
Definition: AuthorizationResponse.java:32
org.xdi.oxauth.client.RegisterRequest.setResponseTypes
void setResponseTypes(List< ResponseType > responseTypes)
Definition: RegisterRequest.java:272
org.xdi.oxauth.client.RegisterRequest
Definition: RegisterRequest.java:37
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS512
RS512
Definition: SignatureAlgorithm.java:28
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.common.Prompt
Definition: Prompt.java:18
org.xdi.oxauth.model.token.JsonWebResponse.getHeader
JwtHeader getHeader()
Definition: JsonWebResponse.java:33
org.xdi.oxauth.client.BaseResponse.getLocation
String getLocation()
Definition: BaseResponse.java:58
org.xdi.oxauth.client.BaseResponse.getStatus
int getStatus()
Definition: BaseResponse.java:49
org.xdi.oxauth.client.AuthorizationRequest
Definition: AuthorizationRequest.java:33
org.xdi.oxauth.model.register.ApplicationType
Definition: ApplicationType.java:12
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.client.AuthorizationRequest.setState
void setState(String state)
Definition: AuthorizationRequest.java:217
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72
org.xdi.oxauth.model.jwt.Jwt.parse
static Jwt parse(String encodedJwt)
Definition: Jwt.java:54
org.xdi.oxauth.client.RegisterRequest.addCustomAttribute
void addCustomAttribute(String p_name, String p_value)
Definition: RegisterRequest.java:925
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62
org.xdi.oxauth.client.RegisterResponse.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: RegisterResponse.java:173

◆ setAuthorizationEndpoint()

void org.xdi.oxauth.BaseTest.setAuthorizationEndpoint ( String  authorizationEndpoint)
inlineinherited
138  {
139  this.authorizationEndpoint = authorizationEndpoint;
140  }
org.xdi.oxauth.BaseTest.authorizationEndpoint
String authorizationEndpoint
Definition: BaseTest.java:72

◆ setCheckSessionIFrame()

void org.xdi.oxauth.BaseTest.setCheckSessionIFrame ( String  checkSessionIFrame)
inlineinherited
170  {
171  this.checkSessionIFrame = checkSessionIFrame;
172  }
org.xdi.oxauth.BaseTest.checkSessionIFrame
String checkSessionIFrame
Definition: BaseTest.java:78

◆ setClientInfoEndpoint()

void org.xdi.oxauth.BaseTest.setClientInfoEndpoint ( String  clientInfoEndpoint)
inlineinherited
162  {
163  this.clientInfoEndpoint = clientInfoEndpoint;
164  }
org.xdi.oxauth.BaseTest.clientInfoEndpoint
String clientInfoEndpoint
Definition: BaseTest.java:77

◆ setConfigurationEndpoint()

void org.xdi.oxauth.BaseTest.setConfigurationEndpoint ( String  configurationEndpoint)
inlineinherited
226  {
227  this.configurationEndpoint = configurationEndpoint;
228  }
org.xdi.oxauth.BaseTest.configurationEndpoint
String configurationEndpoint
Definition: BaseTest.java:82

◆ setDriver()

void org.xdi.oxauth.BaseTest.setDriver ( WebDriver  driver)
inlineinherited
130  {
131  this.driver = driver;
132  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ setEndSessionEndpoint()

void org.xdi.oxauth.BaseTest.setEndSessionEndpoint ( String  endSessionEndpoint)
inlineinherited
178  {
179  this.endSessionEndpoint = endSessionEndpoint;
180  }
org.xdi.oxauth.BaseTest.endSessionEndpoint
String endSessionEndpoint
Definition: BaseTest.java:79

◆ setIdGenEndpoint()

void org.xdi.oxauth.BaseTest.setIdGenEndpoint ( String  p_idGenEndpoint)
inlineinherited
218  {
219  idGenEndpoint = p_idGenEndpoint;
220  }
org.xdi.oxauth.BaseTest.idGenEndpoint
String idGenEndpoint
Definition: BaseTest.java:83

◆ setIntrospectionEndpoint()

void org.xdi.oxauth.BaseTest.setIntrospectionEndpoint ( String  p_introspectionEndpoint)
inlineinherited
202  {
203  introspectionEndpoint = p_introspectionEndpoint;
204  }
org.xdi.oxauth.BaseTest.introspectionEndpoint
String introspectionEndpoint
Definition: BaseTest.java:84

◆ setJwksUri()

void org.xdi.oxauth.BaseTest.setJwksUri ( String  jwksUri)
inlineinherited
186  {
187  this.jwksUri = jwksUri;
188  }
org.xdi.oxauth.BaseTest.jwksUri
String jwksUri
Definition: BaseTest.java:80

◆ setRegistrationEndpoint()

void org.xdi.oxauth.BaseTest.setRegistrationEndpoint ( String  registrationEndpoint)
inlineinherited
194  {
195  this.registrationEndpoint = registrationEndpoint;
196  }
org.xdi.oxauth.BaseTest.registrationEndpoint
String registrationEndpoint
Definition: BaseTest.java:81

◆ setScopeToClaimsMapping()

void org.xdi.oxauth.BaseTest.setScopeToClaimsMapping ( Map< String, List< String >>  p_scopeToClaimsMapping)
inlineinherited
210  {
211  scopeToClaimsMapping = p_scopeToClaimsMapping;
212  }
org.xdi.oxauth.BaseTest.scopeToClaimsMapping
Map< String, List< String > > scopeToClaimsMapping
Definition: BaseTest.java:85

◆ setTokenEndpoint()

void org.xdi.oxauth.BaseTest.setTokenEndpoint ( String  tokenEndpoint)
inlineinherited
146  {
147  this.tokenEndpoint = tokenEndpoint;
148  }
org.xdi.oxauth.BaseTest.tokenEndpoint
String tokenEndpoint
Definition: BaseTest.java:75

◆ setUserInfoEndpoint()

void org.xdi.oxauth.BaseTest.setUserInfoEndpoint ( String  userInfoEndpoint)
inlineinherited
154  {
155  this.userInfoEndpoint = userInfoEndpoint;
156  }
org.xdi.oxauth.BaseTest.userInfoEndpoint
String userInfoEndpoint
Definition: BaseTest.java:76

◆ showClient() [1/2]

static void org.xdi.oxauth.BaseTest.showClient ( BaseClient  client)
inlinestaticinherited
775  {
776  ClientUtils.showClient(client);
777  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClient
static void showClient(BaseClient client)
Definition: ClientUtils.java:21

◆ showClient() [2/2]

static void org.xdi.oxauth.BaseTest.showClient ( BaseClient  client,
CookieStore  cookieStore 
)
inlinestaticinherited
779  {
780  ClientUtils.showClient(client, cookieStore);
781  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClient
static void showClient(BaseClient client)
Definition: ClientUtils.java:21

◆ showClientUserAgent()

static void org.xdi.oxauth.BaseTest.showClientUserAgent ( BaseClient  client)
inlinestaticinherited
783  {
784  ClientUtils.showClientUserAgent(client);
785  }
org.xdi.oxauth.client.ClientUtils
Definition: ClientUtils.java:17
org.xdi.oxauth.client.ClientUtils.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: ClientUtils.java:35

◆ showEntity()

void org.xdi.oxauth.BaseTest.showEntity ( String  entity)
inlineinherited
769  {
770  if (entity != null) {
771  System.out.println("Entity: " + entity.replace("\\n", "\n"));
772  }
773  }

◆ showResponse() [1/2]

void org.xdi.oxauth.BaseTest.showResponse ( String  title,
Response  response 
)
inlineinherited
30  {
31  showResponse(title, response, null);
32  }
org.xdi.oxauth.BaseTest.showResponse
void showResponse(String title, Response response)
Definition: BaseTest.java:30

◆ showResponse() [2/2]

static void org.xdi.oxauth.BaseTest.showResponse ( String  title,
Response  response,
Object  entity 
)
inlinestaticinherited
34  {
35  System.out.println(" ");
36  System.out.println("RESPONSE FOR: " + title);
37  System.out.println(response.getStatus());
38  for (Entry<String, List<Object>> headers : response.getHeaders().entrySet()) {
39  String headerName = headers.getKey();
40  System.out.println(headerName + ": " + headers.getValue());
41  }
42 
43  if (entity != null) {
44  System.out.println(entity.toString().replace("\\n", "\n"));
45  }
46  System.out.println(" ");
47  System.out.println("Status message: " + response.getStatus());
48  }

◆ showTitle() [1/2]

void org.xdi.oxauth.BaseTest.showTitle ( String  title)
inlineinherited
22  {
23  title = "TEST: " + title;
24 
25  System.out.println("#######################################################");
26  System.out.println(title);
27  System.out.println("#######################################################");
28  }

◆ showTitle() [2/2]

void org.xdi.oxauth.BaseTest.showTitle ( String  title)
inlineinherited
761  {
762  title = "TEST: " + title;
763 
764  System.out.println("#######################################################");
765  System.out.println(title);
766  System.out.println("#######################################################");
767  }

◆ startSelenium()

void org.xdi.oxauth.BaseTest.startSelenium ( )
inlineinherited
230  {
231  //System.setProperty("webdriver.chrome.driver", "/Users/JAVIER/tmp/chromedriver");
232  //driver = new ChromeDriver();
233 
234  //driver = new SafariDriver();
235 
236  //driver = new FirefoxDriver();
237 
238  //driver = new InternetExplorerDriver();
239 
240  driver = new HtmlUnitDriver(true);
241  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ stopSelenium()

void org.xdi.oxauth.BaseTest.stopSelenium ( )
inlineinherited
243  {
244 // driver.close();
245  driver.quit();
246  }
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70

◆ testES256()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.testES256 ( final String  clientJwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret 
) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
inline
881  {
882  try {
883  showTitle("Test ES256");
884 
885  JwkClient jwkClient = new JwkClient(clientJwksUri);
886  JwkResponse jwkResponse = jwkClient.exec();
887 
888  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
889 
890  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
891  String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.ES256);
892 
893  System.out.println("Encoded Signature: " + encodedSignature);
894 
895  boolean signatureVerified = cryptoProvider.verifySignature(
896  signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null,
897  SignatureAlgorithm.ES256);
898  assertTrue(signatureVerified, "Invalid signature");
899  } catch (Exception e) {
900  fail(e.getMessage(), e);
901  }
902  }
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES256
ES256
Definition: SignatureAlgorithm.java:29
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ testES384()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.testES384 ( final String  clientJwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret 
) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
inline
909  {
910  try {
911  showTitle("Test ES384");
912 
913  JwkClient jwkClient = new JwkClient(clientJwksUri);
914  JwkResponse jwkResponse = jwkClient.exec();
915 
916  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
917 
918  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
919  String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.ES384);
920 
921  System.out.println("Encoded Signature: " + encodedSignature);
922 
923  boolean signatureVerified = cryptoProvider.verifySignature(
924  signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null,
925  SignatureAlgorithm.ES384);
926  assertTrue(signatureVerified, "Invalid signature");
927  } catch (Exception e) {
928  fail(e.getMessage(), e);
929  }
930  }
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES384
ES384
Definition: SignatureAlgorithm.java:30
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ testES512()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.testES512 ( final String  clientJwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret 
) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
inline
937  {
938  try {
939  showTitle("Test ES512");
940 
941  JwkClient jwkClient = new JwkClient(clientJwksUri);
942  JwkResponse jwkResponse = jwkClient.exec();
943 
944  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
945 
946  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
947  String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.ES512);
948 
949  System.out.println("Encoded Signature: " + encodedSignature);
950 
951  boolean signatureVerified = cryptoProvider.verifySignature(
952  signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null,
953  SignatureAlgorithm.ES512);
954  assertTrue(signatureVerified, "Invalid signature");
955  } catch (Exception e) {
956  fail(e.getMessage(), e);
957  }
958  }
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.ES512
ES512
Definition: SignatureAlgorithm.java:31
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ testRS256()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.testRS256 ( final String  clientJwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret 
) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
inline
799  {
800  try {
801  showTitle("Test RS256");
802 
803  JwkClient jwkClient = new JwkClient(clientJwksUri);
804  JwkResponse jwkResponse = jwkClient.exec();
805 
806  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
807 
808  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
809  String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS256);
810 
811  System.out.println("Encoded Signature: " + encodedSignature);
812 
813  boolean signatureVerified = cryptoProvider.verifySignature(
814  signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null,
815  SignatureAlgorithm.RS256);
816  assertTrue(signatureVerified, "Invalid signature");
817  } catch (Exception e) {
818  fail(e.getMessage(), e);
819  }
820  }
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS256
RS256
Definition: SignatureAlgorithm.java:26
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ testRS384()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.testRS384 ( final String  clientJwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret 
) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
inline
826  {
827  try {
828  showTitle("Test RS384");
829 
830  JwkClient jwkClient = new JwkClient(clientJwksUri);
831  JwkResponse jwkResponse = jwkClient.exec();
832 
833  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
834 
835  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
836  String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS384);
837 
838  System.out.println("Encoded Signature: " + encodedSignature);
839 
840  boolean signatureVerified = cryptoProvider.verifySignature(
841  signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null,
842  SignatureAlgorithm.RS384);
843  assertTrue(signatureVerified, "Invalid signature");
844  } catch (Exception e) {
845  fail(e.getMessage(), e);
846  }
847  }
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS384
RS384
Definition: SignatureAlgorithm.java:27
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ testRS512()

void org.xdi.oxauth.ws.rs.TokenSignaturesHttpTest.testRS512 ( final String  clientJwksUri,
final String  keyId,
final String  dnName,
final String  keyStoreFile,
final String  keyStoreSecret 
) throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException, NoSuchPaddingException, BadPaddingException
inline
853  {
854  try {
855  showTitle("Test RS512");
856 
857  JwkClient jwkClient = new JwkClient(clientJwksUri);
858  JwkResponse jwkResponse = jwkClient.exec();
859 
860  String signingInput = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";
861 
862  OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
863  String encodedSignature = cryptoProvider.sign(signingInput, keyId, null, SignatureAlgorithm.RS512);
864 
865  System.out.println("Encoded Signature: " + encodedSignature);
866 
867  boolean signatureVerified = cryptoProvider.verifySignature(
868  signingInput, encodedSignature, keyId, jwkResponse.getJwks().toJSONObject(), null,
869  SignatureAlgorithm.RS512);
870  assertTrue(signatureVerified, "Invalid signature");
871  } catch (Exception e) {
872  fail(e.getMessage(), e);
873  }
874  }
org.xdi.oxauth.client.JwkClient.exec
JwkResponse exec()
Definition: JwkClient.java:54
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.verifySignature
boolean verifySignature(String signingInput, String encodedSignature, String alias, JSONObject jwks, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:179
org.xdi.oxauth.model.jwk.JSONWebKeySet.toJSONObject
JSONObject toJSONObject()
Definition: JSONWebKeySet.java:76
org.xdi.oxauth.client.JwkResponse.getJwks
JSONWebKeySet getJwks()
Definition: JwkResponse.java:40
org.xdi.oxauth.client.JwkClient
Definition: JwkClient.java:29
org.xdi.oxauth.BaseTest.showTitle
void showTitle(String title)
Definition: BaseTest.java:761
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.RS512
RS512
Definition: SignatureAlgorithm.java:28
org.xdi.oxauth.client.JwkResponse
Definition: JwkResponse.java:27
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign
String sign(String signingInput, String alias, String sharedSecret, SignatureAlgorithm signatureAlgorithm)
Definition: OxAuthCryptoProvider.java:157
org.xdi.oxauth.model.crypto.OxAuthCryptoProvider
Definition: OxAuthCryptoProvider.java:62

◆ waitForResourceOwnerAndGrantLoginForm() [1/2]

String org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest,
boolean  cleanupCookies 
)
inlineinherited

Try to open login form (via the user-agent)

617  {
618  String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
619 
620  AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
621  authorizeClient.setRequest(authorizationRequest);
622 
623  System.out.println("waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:" + authorizationRequestUrl);
624  startSelenium();
625  if (cleanupCookies) {
626  System.out.println("waitForResourceOwnerAndGrantLoginForm: Cleaning cookies");
627  deleteAllCookies();
628  }
629  driver.navigate().to(authorizationRequestUrl);
630 
631  WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
632  WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
633  WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
634 
635  if ((usernameElement == null) || (passwordElement == null) || (loginButton == null)) {
636  return null;
637  }
638 
639  Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
640  String sessionState = null;
641  if (sessionStateCookie != null) {
642  sessionState = sessionStateCookie.getValue();
643  }
644  System.out.println("waitForResourceOwnerAndGrantLoginForm: sessionState:" + sessionState);
645 
646  stopSelenium();
647 
648  showClientUserAgent(authorizeClient);
649 
650  return sessionState;
651  }
org.xdi.oxauth.BaseTest.loginFormUsername
String loginFormUsername
Definition: BaseTest.java:88
org.xdi.oxauth.BaseTest.loginFormPassword
String loginFormPassword
Definition: BaseTest.java:89
org.xdi.oxauth.BaseTest.deleteAllCookies
void deleteAllCookies()
Definition: BaseTest.java:661
org.xdi.oxauth.BaseTest.stopSelenium
void stopSelenium()
Definition: BaseTest.java:243
org.xdi.oxauth.client.AuthorizeClient
Definition: AuthorizeClient.java:29
org.xdi.oxauth.BaseTest.startSelenium
void startSelenium()
Definition: BaseTest.java:230
org.xdi.oxauth.BaseTest.loginFormLoginButton
String loginFormLoginButton
Definition: BaseTest.java:90
org.xdi.oxauth.client.BaseClient.setRequest
void setRequest(T request)
Definition: BaseClient.java:68
org.xdi.oxauth.BaseTest.driver
WebDriver driver
Definition: BaseTest.java:70
org.xdi.oxauth.client.AuthorizationRequest.getQueryString
String getQueryString()
Definition: AuthorizationRequest.java:486
org.xdi.oxauth.BaseTest.showClientUserAgent
static void showClientUserAgent(BaseClient client)
Definition: BaseTest.java:783

◆ waitForResourceOwnerAndGrantLoginForm() [2/2]

String org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm ( String  authorizeUrl,
AuthorizationRequest  authorizationRequest 
)
inlineinherited

Try to open login form (via the user-agent)

657  {
658  return waitForResourceOwnerAndGrantLoginForm(authorizeUrl, authorizationRequest, true);
659  }
org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm
String waitForResourceOwnerAndGrantLoginForm(String authorizeUrl, AuthorizationRequest authorizationRequest, boolean cleanupCookies)
Definition: BaseTest.java:616

メンバ詳解

◆ authorizationEndpoint

String org.xdi.oxauth.BaseTest.authorizationEndpoint
protectedinherited

◆ authorizationPageEndpoint

String org.xdi.oxauth.BaseTest.authorizationPageEndpoint
protectedinherited

◆ checkSessionIFrame

String org.xdi.oxauth.BaseTest.checkSessionIFrame
protectedinherited

◆ clientInfoEndpoint

String org.xdi.oxauth.BaseTest.clientInfoEndpoint
protectedinherited

◆ configurationEndpoint

String org.xdi.oxauth.BaseTest.configurationEndpoint
protectedinherited

◆ driver

WebDriver org.xdi.oxauth.BaseTest.driver
protectedinherited

◆ endSessionEndpoint

String org.xdi.oxauth.BaseTest.endSessionEndpoint
protectedinherited

◆ gluuConfigurationEndpoint

String org.xdi.oxauth.BaseTest.gluuConfigurationEndpoint
protectedinherited

◆ idGenEndpoint

String org.xdi.oxauth.BaseTest.idGenEndpoint
protectedinherited

◆ introspectionEndpoint

String org.xdi.oxauth.BaseTest.introspectionEndpoint
protectedinherited

◆ jwksUri

String org.xdi.oxauth.BaseTest.jwksUri
protectedinherited

◆ registrationEndpoint

String org.xdi.oxauth.BaseTest.registrationEndpoint
protectedinherited

◆ scopeToClaimsMapping

Map<String, List<String> > org.xdi.oxauth.BaseTest.scopeToClaimsMapping
protectedinherited

◆ testData

FileConfiguration org.xdi.oxauth.ConfigurableTest.testData
staticinherited

◆ tokenEndpoint

String org.xdi.oxauth.BaseTest.tokenEndpoint
protectedinherited

◆ userInfoEndpoint

String org.xdi.oxauth.BaseTest.userInfoEndpoint
protectedinherited
このクラス詳解は次のファイルから抽出されました:
2018年09月30日(日) 14時46分42秒作成 - gluu / 構成:   doxygen 1.8.13