org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest の継承関係図

org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest 連携図

公開メンバ関数
void	omittedTokenEndpointAuthMethod (final String redirectUris, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretBasic (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretBasicFail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretBasicFail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretBasicFail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String keyId, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretPost (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretPostFail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretPostFail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretPostFail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String keyId, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwt (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtHS256 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtHS384 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtHS512 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtRS256Fail (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String keyId, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtRS384Fail (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String keyId, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtRS512Fail (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String keyId, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtES256Fail (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String keyId, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtES384Fail (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String keyId, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtES512Fail (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String keyId, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtFail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtFail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodClientSecretJwtFail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String keyId, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwt (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtFail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtFail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtFail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtRS256 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtRS384 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtRS512 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtES256 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtES384 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtES512 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail4 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail5 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail4 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail5 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail4 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail5 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail4 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail5 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail4 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail5 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail1 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail2 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail3 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail4 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail5 (final String redirectUris, final String redirectUri, final String userId, final String userSecret, final String clientJwksUri, final String keyId, final String dnName, final String keyStoreFile, final String keyStoreSecret, final String sectorIdentifierUri) throws Exception

void	initTestSuite (ITestContext context) throws FileNotFoundException, IOException

WebDriver	getDriver ()

void	setDriver (WebDriver driver)

String	getAuthorizationEndpoint ()

void	setAuthorizationEndpoint (String authorizationEndpoint)

String	getTokenEndpoint ()

void	setTokenEndpoint (String tokenEndpoint)

String	getUserInfoEndpoint ()

void	setUserInfoEndpoint (String userInfoEndpoint)

String	getClientInfoEndpoint ()

void	setClientInfoEndpoint (String clientInfoEndpoint)

String	getCheckSessionIFrame ()

void	setCheckSessionIFrame (String checkSessionIFrame)

String	getEndSessionEndpoint ()

void	setEndSessionEndpoint (String endSessionEndpoint)

String	getJwksUri ()

void	setJwksUri (String jwksUri)

String	getRegistrationEndpoint ()

void	setRegistrationEndpoint (String registrationEndpoint)

String	getIntrospectionEndpoint ()

void	setIntrospectionEndpoint (String p_introspectionEndpoint)

Map< String, List< String > >	getScopeToClaimsMapping ()

void	setScopeToClaimsMapping (Map< String, List< String >> p_scopeToClaimsMapping)

String	getIdGenEndpoint ()

void	setIdGenEndpoint (String p_idGenEndpoint)

String	getConfigurationEndpoint ()

void	setConfigurationEndpoint (String configurationEndpoint)

void	startSelenium ()

void	stopSelenium ()

AuthorizationResponse	authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)

AuthorizationResponse	authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)

AuthorizationResponse	authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies, boolean useNewDriver)

AuthorizationResponse	authenticateResourceOwnerAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies, boolean useNewDriver, int authzSteps)

AuthorizationResponse	authenticateResourceOwnerAndDenyAccess (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret)

AuthorizationResponse	authorizationRequestAndGrantAccess (String authorizeUrl, AuthorizationRequest authorizationRequest)

AuthorizationResponse	authorizationRequestAndDenyAccess (String authorizeUrl, AuthorizationRequest authorizationRequest)

AuthorizationResponse	authenticateResourceOwner (String authorizeUrl, AuthorizationRequest authorizationRequest, String userId, String userSecret, boolean cleanupCookies)

String	waitForResourceOwnerAndGrantLoginForm (String authorizeUrl, AuthorizationRequest authorizationRequest, boolean cleanupCookies)

String	waitForResourceOwnerAndGrantLoginForm (String authorizeUrl, AuthorizationRequest authorizationRequest)

void	discovery (ITestContext context) throws Exception

void	showTitle (String title)

void	showTitle (String title)

void	showEntity (String entity)

void	showResponse (String title, Response response)

静的公開メンバ関数
static void	showClient (BaseClient client)

static void	showClient (BaseClient client, CookieStore cookieStore)

static void	showClientUserAgent (BaseClient client)

static void	assertErrorResponse (BaseResponseWithErrors p_response, IErrorType p_errorType)

static DefaultHttpClient	createHttpClient ()

static DefaultHttpClient	createHttpClient (HostnameVerifierType p_verifierType)

static ClientExecutor	clientExecutor () throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException

static ClientExecutor	clientExecutor (boolean trustAll) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException

static HttpClient	createHttpClientTrustAll () throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException

static void	showResponse (String title, Response response, Object entity)

static void	fails (Throwable e)

static void	output (String p_msg)

static Archive<?>	createDeployment ()

静的公開変数類
static FileConfiguration	testData

限定公開変数類
WebDriver	driver

String	authorizationEndpoint

String	authorizationPageEndpoint

String	gluuConfigurationEndpoint

String	tokenEndpoint

String	userInfoEndpoint

String	clientInfoEndpoint

String	checkSessionIFrame

String	endSessionEndpoint

String	jwksUri

String	registrationEndpoint

String	configurationEndpoint

String	idGenEndpoint

String	introspectionEndpoint

Map< String, List< String > >	scopeToClaimsMapping

詳解

著者: Javier Rojas Blum

バージョン: November 29, 2017

関数詳解

◆ assertErrorResponse()

static void org.xdi.oxauth.BaseTest.assertErrorResponse	(	BaseResponseWithErrors	p_response,
		IErrorType	p_errorType
	)

inlinestaticinherited

                                                                                                       {
         assertEquals(p_response.getStatus(), 400, "Unexpected response code. Entity: " + p_response.getEntity());
         assertNotNull(p_response.getEntity(), "The entity is null");
         assertEquals(p_response.getErrorType(), p_errorType);
         assertTrue(StringUtils.isNotBlank(p_response.getErrorDescription()));
     }

◆ authenticateResourceOwner()

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwner	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest,
		String	userId,
		String	userSecret,
		boolean	cleanupCookies
	)

inlineinherited

The authorization server authenticates the resource owner (via the user-agent) No authorization page.

                                                                                                                                       {
         String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
 
         AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
         authorizeClient.setRequest(authorizationRequest);
 
         System.out.println("authenticateResourceOwner: authorizationRequestUrl:" + authorizationRequestUrl);
         startSelenium();
         if (cleanupCookies) {
             System.out.println("authenticateResourceOwner: Cleaning cookies");
             deleteAllCookies();
         }
 //        try {
             driver.navigate().to(authorizationRequestUrl);
 //        } catch (WebDriverException ex) {
 //            if (ex.getCause() instanceof ScriptException) {
 //                System.out.println("authenticateResourceOwner: Script error: " + ex.getMessage());
 //            } else {
 //                throw ex;
 //            }
 //        }
 
         if (userSecret != null) {
             if (userId != null) {
                 WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
                 usernameElement.sendKeys(userId);
             }
 
             WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
             passwordElement.sendKeys(userSecret);
 
             WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
 
             loginButton.click();
         }
 
         String authorizationResponseStr = driver.getCurrentUrl();
 
         Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
         String sessionState = null;
         if (sessionStateCookie != null) {
             sessionState = sessionStateCookie.getValue();
         }
         System.out.println("authenticateResourceOwner: sessionState:" + sessionState);
 
         stopSelenium();
 
         AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
         if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
             authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
         }
         authorizeClient.setResponse(authorizationResponse);
         showClientUserAgent(authorizeClient);
 
         return authorizationResponse;
     }

◆ authenticateResourceOwnerAndDenyAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndDenyAccess	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest,
		String	userId,
		String	userSecret
	)

inlineinherited

                                                                                                               {
         String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
 
         AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
         authorizeClient.setRequest(authorizationRequest);
 
         System.out.println("authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:" + authorizationRequestUrl);
         startSelenium();
         driver.navigate().to(authorizationRequestUrl);
 
         WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
         WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
         WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
 
         if (userId != null) {
             usernameElement.sendKeys(userId);
         }
         passwordElement.sendKeys(userSecret);
         loginButton.click();
 
         String authorizationResponseStr = driver.getCurrentUrl();
 
         WebElement doNotAllowButton = driver.findElement(By.id(authorizeFormDoNotAllowButton));
 
         final String previousURL = driver.getCurrentUrl();
         doNotAllowButton.click();
         WebDriverWait wait = new WebDriverWait(driver, 10);
         wait.until(new ExpectedCondition<Boolean>() {
             public Boolean apply(WebDriver d) {
                 return (d.getCurrentUrl() != previousURL);
             }
         });
 
         authorizationResponseStr = driver.getCurrentUrl();
 
         Cookie sessionIdCookie = driver.manage().getCookieNamed("session_id");
         String sessionId = null;
         if (sessionIdCookie != null) {
             sessionId = sessionIdCookie.getValue();
         }
         System.out.println("authenticateResourceOwnerAndDenyAccess: sessionId:" + sessionId);
 
         stopSelenium();
 
         AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
         if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
             authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
         }
         authorizationResponse.setSessionId(sessionId);
         authorizeClient.setResponse(authorizationResponse);
         showClientUserAgent(authorizeClient);
 
         return authorizationResponse;
     }

◆ authenticateResourceOwnerAndGrantAccess() [1/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest,
		String	userId,
		String	userSecret
	)

inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

                                                                                                               {
         return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, true);
     }

◆ authenticateResourceOwnerAndGrantAccess() [2/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest,
		String	userId,
		String	userSecret,
		boolean	cleanupCookies
	)

inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

                                                                                                                                       {
         return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, cleanupCookies, false);
     }

◆ authenticateResourceOwnerAndGrantAccess() [3/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest,
		String	userId,
		String	userSecret,
		boolean	cleanupCookies,
		boolean	useNewDriver
	)

inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

                                                           {
         return authenticateResourceOwnerAndGrantAccess(authorizeUrl, authorizationRequest, userId, userSecret, cleanupCookies, useNewDriver, 1);
     }

◆ authenticateResourceOwnerAndGrantAccess() [4/4]

AuthorizationResponse org.xdi.oxauth.BaseTest.authenticateResourceOwnerAndGrantAccess	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest,
		String	userId,
		String	userSecret,
		boolean	cleanupCookies,
		boolean	useNewDriver,
		int	authzSteps
	)

inlineinherited

The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.

                                                                           {
         WebDriver currentDriver = initWebDriver(useNewDriver, cleanupCookies);
 
         AuthorizeClient authorizeClient = processAuthentication(currentDriver, authorizeUrl, authorizationRequest,
                 userId, userSecret);
 
         int remainAuthzSteps = authzSteps;
 
         String authorizationResponseStr = null;
         do {
             authorizationResponseStr = acceptAuthorization(currentDriver);
             remainAuthzSteps--;
         } while (remainAuthzSteps >= 1);
 
         AuthorizationResponse authorizationResponse = buildAuthorizationResponse(authorizationRequest, useNewDriver,
                 currentDriver, authorizeClient, authorizationResponseStr);
 
         stopWebDriver(useNewDriver, currentDriver);
 
         return authorizationResponse;
     }

◆ authorizationRequestAndDenyAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authorizationRequestAndDenyAccess	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest
	)

inlineinherited

                                                                             {
         String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
 
         AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
         authorizeClient.setRequest(authorizationRequest);
 
         System.out.println("authorizationRequestAndDenyAccess: authorizationRequestUrl:" + authorizationRequestUrl);
         startSelenium();
         driver.navigate().to(authorizationRequestUrl);
 
         WebElement doNotAllowButton = driver.findElement(By.id(authorizeFormDoNotAllowButton));
 
         final String previousURL = driver.getCurrentUrl();
         doNotAllowButton.click();
         WebDriverWait wait = new WebDriverWait(driver, 10);
         wait.until(new ExpectedCondition<Boolean>() {
             public Boolean apply(WebDriver d) {
                 return (d.getCurrentUrl() != previousURL);
             }
         });
 
         String authorizationResponseStr = driver.getCurrentUrl();
 
         Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
         String sessionState = null;
         if (sessionStateCookie != null) {
             sessionState = sessionStateCookie.getValue();
         }
         System.out.println("authorizationRequestAndDenyAccess: sessionState:" + sessionState);
 
         stopSelenium();
 
         AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
         if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
             authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
         }
         authorizeClient.setResponse(authorizationResponse);
         showClientUserAgent(authorizeClient);
 
         return authorizationResponse;
     }

◆ authorizationRequestAndGrantAccess()

AuthorizationResponse org.xdi.oxauth.BaseTest.authorizationRequestAndGrantAccess	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest
	)

inlineinherited

                                                                             {
         String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
 
         AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
         authorizeClient.setRequest(authorizationRequest);
 
         System.out.println("authorizationRequestAndGrantAccess: authorizationRequestUrl:" + authorizationRequestUrl);
         startSelenium();
         driver.navigate().to(authorizationRequestUrl);
 
         String authorizationResponseStr = driver.getCurrentUrl();
 
         WebElement allowButton = driver.findElement(By.id(authorizeFormAllowButton));
 
         final String previousURL = driver.getCurrentUrl();
         allowButton.click();
         WebDriverWait wait = new WebDriverWait(driver, 10);
         wait.until(new ExpectedCondition<Boolean>() {
             public Boolean apply(WebDriver d) {
                 return (d.getCurrentUrl() != previousURL);
             }
         });
 
         authorizationResponseStr = driver.getCurrentUrl();
 
         Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
         String sessionState = null;
         if (sessionStateCookie != null) {
             sessionState = sessionStateCookie.getValue();
         }
         System.out.println("authorizationRequestAndGrantAccess: sessionState:" + sessionState);
 
         stopSelenium();
 
         AuthorizationResponse authorizationResponse = new AuthorizationResponse(authorizationResponseStr);
         if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
             authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
         }
         authorizeClient.setResponse(authorizationResponse);
         showClientUserAgent(authorizeClient);
 
         return authorizationResponse;
     }

◆ clientExecutor() [1/2]

static ClientExecutor org.xdi.oxauth.BaseTest.clientExecutor ( ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException

inlinestaticinherited

                                                                                                                                                         {
         return clientExecutor(false);
     }

◆ clientExecutor() [2/2]

static ClientExecutor org.xdi.oxauth.BaseTest.clientExecutor ( boolean trustAll ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException

inlinestaticinherited

                                                                                                                                                                         {
         if (trustAll) {
             return new ApacheHttpClient4Executor(createHttpClientTrustAll());
         }
         return ClientRequest.getDefaultExecutor();
     }

◆ createDeployment()

static Archive<?> org.xdi.oxauth.ConfigurableTest.createDeployment ( )

inlinestaticinherited

                                                     {
                 return Deployments.createDeployment();
         }

◆ createHttpClient() [1/2]

static DefaultHttpClient org.xdi.oxauth.BaseTest.createHttpClient ( )

inlinestaticinherited

                                                        {
         return createHttpClient(HostnameVerifierType.DEFAULT);
     }

◆ createHttpClient() [2/2]

static DefaultHttpClient org.xdi.oxauth.BaseTest.createHttpClient ( HostnameVerifierType p_verifierType )

inlinestaticinherited

                                                                                           {
         if (p_verifierType != null && p_verifierType != HostnameVerifierType.DEFAULT) {
             switch (p_verifierType) {
                 case ALLOW_ALL:
                     HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
 
                     DefaultHttpClient client = new DefaultHttpClient();
 
                     SchemeRegistry registry = new SchemeRegistry();
                     SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
                     socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
                     registry.register(new Scheme("https", socketFactory, 443));
                     SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
 
                     // Set verifier
                     HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
                     return new DefaultHttpClient(mgr, client.getParams());
                 case DEFAULT:
                     return new DefaultHttpClient();
             }
         }
         return new DefaultHttpClient();
     }

◆ createHttpClientTrustAll()

static HttpClient org.xdi.oxauth.BaseTest.createHttpClientTrustAll ( ) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException

inlinestaticinherited

                                                                                                                                                               {
         SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() {
             @Override
             public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                 return true;
             }
         }, new AllowAllHostnameVerifier());
 
         SchemeRegistry registry = new SchemeRegistry();
         registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory()));
         registry.register(new Scheme("https", 443, sf));
         ClientConnectionManager ccm = new PoolingClientConnectionManager(registry);
         return new DefaultHttpClient(ccm);
     }

◆ discovery()

void org.xdi.oxauth.BaseTest.discovery ( ITestContext context ) throws Exception

inlineinherited

                                                                  {
         // Load Form Interaction
         loginFormUsername = context.getCurrentXmlTest().getParameter("loginFormUsername");
         loginFormPassword = context.getCurrentXmlTest().getParameter("loginFormPassword");
         loginFormLoginButton = context.getCurrentXmlTest().getParameter("loginFormLoginButton");
         authorizeFormAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormAllowButton");
         authorizeFormDoNotAllowButton = context.getCurrentXmlTest().getParameter("authorizeFormDoNotAllowButton");
 
         String resource = context.getCurrentXmlTest().getParameter("swdResource");
 
         if (StringUtils.isNotBlank(resource)) {
 
             showTitle("OpenID Connect Discovery");
 
             OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(resource);
             OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec(clientExecutor(true));
 
             showClient(openIdConnectDiscoveryClient);
             assertEquals(openIdConnectDiscoveryResponse.getStatus(), 200, "Unexpected response code");
             assertNotNull(openIdConnectDiscoveryResponse.getSubject());
             assertTrue(openIdConnectDiscoveryResponse.getLinks().size() > 0);
 
             configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() +
                     "/.well-known/openid-configuration";
 
             System.out.println("OpenID Connect Configuration");
 
             OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
             client.setExecutor(clientExecutor(true));
             OpenIdConfigurationResponse response = client.execOpenIdConfiguration();
 
             showClient(client);
             assertEquals(response.getStatus(), 200, "Unexpected response code");
             assertNotNull(response.getIssuer(), "The issuer is null");
             assertNotNull(response.getAuthorizationEndpoint(), "The authorizationEndpoint is null");
             assertNotNull(response.getTokenEndpoint(), "The tokenEndpoint is null");
             assertNotNull(response.getUserInfoEndpoint(), "The userInfoEndPoint is null");
             assertNotNull(response.getJwksUri(), "The jwksUri is null");
             assertNotNull(response.getRegistrationEndpoint(), "The registrationEndpoint is null");
 
             assertTrue(response.getScopesSupported().size() > 0, "The scopesSupported is empty");
             assertTrue(response.getScopeToClaimsMapping().size() > 0, "The scope to claims mapping is empty");
             assertTrue(response.getResponseTypesSupported().size() > 0, "The responseTypesSupported is empty");
             assertTrue(response.getGrantTypesSupported().size() > 0, "The grantTypesSupported is empty");
             assertTrue(response.getAcrValuesSupported().size() >= 0, "The acrValuesSupported is empty");
             assertTrue(response.getSubjectTypesSupported().size() > 0, "The subjectTypesSupported is empty");
             assertTrue(response.getIdTokenSigningAlgValuesSupported().size() > 0, "The idTokenSigningAlgValuesSupported is empty");
             assertTrue(response.getRequestObjectSigningAlgValuesSupported().size() > 0, "The requestObjectSigningAlgValuesSupported is empty");
             assertTrue(response.getTokenEndpointAuthMethodsSupported().size() > 0, "The tokenEndpointAuthMethodsSupported is empty");
             assertTrue(response.getClaimsSupported().size() > 0, "The claimsSupported is empty");
 
             authorizationEndpoint = response.getAuthorizationEndpoint();
             tokenEndpoint = response.getTokenEndpoint();
             userInfoEndpoint = response.getUserInfoEndpoint();
             clientInfoEndpoint = response.getClientInfoEndpoint();
             checkSessionIFrame = response.getCheckSessionIFrame();
             endSessionEndpoint = response.getEndSessionEndpoint();
             jwksUri = response.getJwksUri();
             registrationEndpoint = response.getRegistrationEndpoint();
             idGenEndpoint = response.getIdGenerationEndpoint();
             introspectionEndpoint = response.getIntrospectionEndpoint();
             scopeToClaimsMapping = response.getScopeToClaimsMapping();
             gluuConfigurationEndpoint = determineGluuConfigurationEndpoint(openIdConnectDiscoveryResponse.getLinks().get(0).getHref());
         } else {
             showTitle("Loading configuration endpoints from properties file");
 
             authorizationEndpoint = context.getCurrentXmlTest().getParameter("authorizationEndpoint");
             tokenEndpoint = context.getCurrentXmlTest().getParameter("tokenEndpoint");
             userInfoEndpoint = context.getCurrentXmlTest().getParameter("userInfoEndpoint");
             clientInfoEndpoint = context.getCurrentXmlTest().getParameter("clientInfoEndpoint");
             checkSessionIFrame = context.getCurrentXmlTest().getParameter("checkSessionIFrame");
             endSessionEndpoint = context.getCurrentXmlTest().getParameter("endSessionEndpoint");
             jwksUri = context.getCurrentXmlTest().getParameter("jwksUri");
             registrationEndpoint = context.getCurrentXmlTest().getParameter("registrationEndpoint");
             configurationEndpoint = context.getCurrentXmlTest().getParameter("configurationEndpoint");
             idGenEndpoint = context.getCurrentXmlTest().getParameter("idGenEndpoint");
             introspectionEndpoint = context.getCurrentXmlTest().getParameter("introspectionEndpoint");
             scopeToClaimsMapping = new HashMap<String, List<String>>();
         }
 
         authorizationPageEndpoint = determineAuthorizationPageEndpoint(authorizationEndpoint);
     }

◆ fails()

static void org.xdi.oxauth.BaseTest.fails ( Throwable e )

inlinestaticinherited

                                               {
                 Assert.fail(e.getMessage(), e);
         }

◆ getAuthorizationEndpoint()

String org.xdi.oxauth.BaseTest.getAuthorizationEndpoint ( )

inlineinherited

                                              {
         return authorizationEndpoint;
     }

◆ getCheckSessionIFrame()

String org.xdi.oxauth.BaseTest.getCheckSessionIFrame ( )

inlineinherited

                                           {
         return checkSessionIFrame;
     }

◆ getClientInfoEndpoint()

String org.xdi.oxauth.BaseTest.getClientInfoEndpoint ( )

inlineinherited

                                           {
         return clientInfoEndpoint;
     }

◆ getConfigurationEndpoint()

String org.xdi.oxauth.BaseTest.getConfigurationEndpoint ( )

inlineinherited

                                              {
         return configurationEndpoint;
     }

◆ getDriver()

WebDriver org.xdi.oxauth.BaseTest.getDriver ( )

inlineinherited

                                  {
         return driver;
     }

◆ getEndSessionEndpoint()

String org.xdi.oxauth.BaseTest.getEndSessionEndpoint ( )

inlineinherited

                                           {
         return endSessionEndpoint;
     }

◆ getIdGenEndpoint()

String org.xdi.oxauth.BaseTest.getIdGenEndpoint ( )

inlineinherited

                                      {
         return idGenEndpoint;
     }

◆ getIntrospectionEndpoint()

String org.xdi.oxauth.BaseTest.getIntrospectionEndpoint ( )

inlineinherited

                                              {
         return introspectionEndpoint;
     }

◆ getJwksUri()

String org.xdi.oxauth.BaseTest.getJwksUri ( )

inlineinherited

                                {
         return jwksUri;
     }

◆ getRegistrationEndpoint()

String org.xdi.oxauth.BaseTest.getRegistrationEndpoint ( )

inlineinherited

                                             {
         return registrationEndpoint;
     }

◆ getScopeToClaimsMapping()

Map<String, List<String> > org.xdi.oxauth.BaseTest.getScopeToClaimsMapping ( )

inlineinherited

                                                                {
         return scopeToClaimsMapping;
     }

◆ getTokenEndpoint()

String org.xdi.oxauth.BaseTest.getTokenEndpoint ( )

inlineinherited

                                      {
         return tokenEndpoint;
     }

◆ getUserInfoEndpoint()

String org.xdi.oxauth.BaseTest.getUserInfoEndpoint ( )

inlineinherited

                                         {
         return userInfoEndpoint;
     }

◆ initTestSuite()

void org.xdi.oxauth.BaseTest.initTestSuite ( ITestContext context ) throws FileNotFoundException, IOException

inlineinherited

                                                                                               {
         SecurityProviderUtility.installBCProvider();
 
         Reporter.log("Invoked init test suite method \n", true);
 
         String propertiesFile = context.getCurrentXmlTest().getParameter("propertiesFile");
         if (StringHelper.isEmpty(propertiesFile)) {
             propertiesFile = "target/test-classes/testng.properties";
             //propertiesFile = "U:\\own\\project\\git\\oxAuth\\Client\\src\\test\\resources\\testng_yuriy.properties";
             //propertiesFile = "/Users/JAVIER/IdeaProjects/oxAuth/Client/target/test-classes/testng.properties";
         }
 
         FileInputStream conf = new FileInputStream(propertiesFile);
         Properties prop = new Properties();
         prop.load(conf);
 
         Map<String, String> parameters = new HashMap<String, String>();
         for (Entry<Object, Object> entry : prop.entrySet()) {
             Object key = entry.getKey();
             Object value = entry.getValue();
 
             if (StringHelper.isEmptyString(key) || StringHelper.isEmptyString(value)) {
                 continue;
             }
             parameters.put(key.toString(), value.toString());
         }
 
         // Overrided test paramters
         context.getSuite().getXmlSuite().setParameters(parameters);
     }

◆ omittedTokenEndpointAuthMethod()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.omittedTokenEndpointAuthMethod	(	final String	redirectUris,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Register a client without specify a Token Endpoint Auth Method. Read client to check whether it is using the default Token Endpoint Auth Method client_secret_basic.

                                                                                                                              {
         showTitle("omittedTokenEndpointAuthMethod");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
     }

◆ output()

static void org.xdi.oxauth.BaseTest.output ( String p_msg )

inlinestaticinherited

                                                 {
                 System.out.println(p_msg);
         }

◆ setAuthorizationEndpoint()

void org.xdi.oxauth.BaseTest.setAuthorizationEndpoint ( String authorizationEndpoint )

inlineinherited

                                                                        {
         this.authorizationEndpoint = authorizationEndpoint;
     }

◆ setCheckSessionIFrame()

void org.xdi.oxauth.BaseTest.setCheckSessionIFrame ( String checkSessionIFrame )

inlineinherited

                                                                  {
         this.checkSessionIFrame = checkSessionIFrame;
     }

◆ setClientInfoEndpoint()

void org.xdi.oxauth.BaseTest.setClientInfoEndpoint ( String clientInfoEndpoint )

inlineinherited

                                                                  {
         this.clientInfoEndpoint = clientInfoEndpoint;
     }

◆ setConfigurationEndpoint()

void org.xdi.oxauth.BaseTest.setConfigurationEndpoint ( String configurationEndpoint )

inlineinherited

                                                                        {
         this.configurationEndpoint = configurationEndpoint;
     }

◆ setDriver()

void org.xdi.oxauth.BaseTest.setDriver ( WebDriver driver )

inlineinherited

                                             {
         this.driver = driver;
     }

◆ setEndSessionEndpoint()

void org.xdi.oxauth.BaseTest.setEndSessionEndpoint ( String endSessionEndpoint )

inlineinherited

                                                                  {
         this.endSessionEndpoint = endSessionEndpoint;
     }

◆ setIdGenEndpoint()

void org.xdi.oxauth.BaseTest.setIdGenEndpoint ( String p_idGenEndpoint )

inlineinherited

                                                          {
         idGenEndpoint = p_idGenEndpoint;
     }

◆ setIntrospectionEndpoint()

void org.xdi.oxauth.BaseTest.setIntrospectionEndpoint ( String p_introspectionEndpoint )

inlineinherited

                                                                          {
         introspectionEndpoint = p_introspectionEndpoint;
     }

◆ setJwksUri()

void org.xdi.oxauth.BaseTest.setJwksUri ( String jwksUri )

inlineinherited

                                            {
         this.jwksUri = jwksUri;
     }

◆ setRegistrationEndpoint()

void org.xdi.oxauth.BaseTest.setRegistrationEndpoint ( String registrationEndpoint )

inlineinherited

                                                                      {
         this.registrationEndpoint = registrationEndpoint;
     }

◆ setScopeToClaimsMapping()

void org.xdi.oxauth.BaseTest.setScopeToClaimsMapping ( Map< String, List< String >> p_scopeToClaimsMapping )

inlineinherited

                                                                                           {
         scopeToClaimsMapping = p_scopeToClaimsMapping;
     }

◆ setTokenEndpoint()

void org.xdi.oxauth.BaseTest.setTokenEndpoint ( String tokenEndpoint )

inlineinherited

                                                        {
         this.tokenEndpoint = tokenEndpoint;
     }

◆ setUserInfoEndpoint()

void org.xdi.oxauth.BaseTest.setUserInfoEndpoint ( String userInfoEndpoint )

inlineinherited

                                                              {
         this.userInfoEndpoint = userInfoEndpoint;
     }

◆ showClient() [1/2]

static void org.xdi.oxauth.BaseTest.showClient ( BaseClient client )

inlinestaticinherited

                                                      {
         ClientUtils.showClient(client);
     }

◆ showClient() [2/2]

static void org.xdi.oxauth.BaseTest.showClient	(	BaseClient	client,
		CookieStore	cookieStore
	)

inlinestaticinherited

                                                                               {
         ClientUtils.showClient(client, cookieStore);
     }

◆ showClientUserAgent()

static void org.xdi.oxauth.BaseTest.showClientUserAgent ( BaseClient client )

inlinestaticinherited

                                                               {
         ClientUtils.showClientUserAgent(client);
     }

◆ showEntity()

void org.xdi.oxauth.BaseTest.showEntity ( String entity )

inlineinherited

                                           {
         if (entity != null) {
             System.out.println("Entity: " + entity.replace("\\n", "\n"));
         }
     }

◆ showResponse() [1/2]

void org.xdi.oxauth.BaseTest.showResponse	(	String	title,
		Response	response
	)

inlineinherited

                                                                   {
                 showResponse(title, response, null);
         }

◆ showResponse() [2/2]

static void org.xdi.oxauth.BaseTest.showResponse	(	String	title,
		Response	response,
		Object	entity
	)

inlinestaticinherited

                                                                                         {
                 System.out.println(" ");
                 System.out.println("RESPONSE FOR: " + title);
                 System.out.println(response.getStatus());
                 for (Entry<String, List<Object>> headers : response.getHeaders().entrySet()) {
                         String headerName = headers.getKey();
                         System.out.println(headerName + ": " + headers.getValue());
                 }
 
                 if (entity != null) {
                         System.out.println(entity.toString().replace("\\n", "\n"));
                 }
                 System.out.println(" ");
                 System.out.println("Status message: " + response.getStatus());
         }

◆ showTitle() [1/2]

void org.xdi.oxauth.BaseTest.showTitle ( String title )

inlineinherited

                                             {
                 title = "TEST: " + title;
 
                 System.out.println("#######################################################");
                 System.out.println(title);
                 System.out.println("#######################################################");
         }

◆ showTitle() [2/2]

void org.xdi.oxauth.BaseTest.showTitle ( String title )

inlineinherited

                                         {
         title = "TEST: " + title;
 
         System.out.println("#######################################################");
         System.out.println(title);
         System.out.println("#######################################################");
     }

◆ startSelenium()

void org.xdi.oxauth.BaseTest.startSelenium ( )

inlineinherited

                                 {
         //System.setProperty("webdriver.chrome.driver", "/Users/JAVIER/tmp/chromedriver");
         //driver = new ChromeDriver();
 
         //driver = new SafariDriver();
 
         //driver = new FirefoxDriver();
 
         //driver = new InternetExplorerDriver();
 
         driver = new HtmlUnitDriver(true);
     }

◆ stopSelenium()

void org.xdi.oxauth.BaseTest.stopSelenium ( )

inlineinherited

                                {
 //        driver.close();
         driver.quit();
     }

◆ tokenEndpointAuthMethodClientSecretBasic()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretBasic	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Register a client with Token Endpoint Auth Method client_secret_basic. Read client to check whether it is using the Token Endpoint Auth Method client_secret_basic. Request authorization code. Call to Token Endpoint with Auth Method client_secret_basic.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretBasic");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretBasicFail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretBasicFail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 1: Call to Token Endpoint with Auth Method client_secret_post should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretBasicFail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretBasicFail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretBasicFail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 2: Call to Token Endpoint with Auth Method client_secret_jwt should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretBasicFail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretBasicFail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretBasicFail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	keyId,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 3: Call to Token Endpoint with Auth Method private_key_jwt should fail.

                                                                                                                                            {
         showTitle("tokenEndpointAuthMethodClientSecretBasicFail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, null);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
 
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwt()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwt	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Register a client with Token Endpoint Auth Method client_secret_jwt. Read client to check whether it is using the Token Endpoint Auth Method client_secret_jwt. Request authorization code. Call to Token Endpoint with Auth Method client_secret_Jwt.

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwt");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtES256Fail()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtES256Fail	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	keyId,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, only symmetric algorithm supported by the OP and the RP can be used.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretJwtES256Fail");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtES384Fail()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtES384Fail	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	keyId,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, only symmetric algorithm supported by the OP and the RP can be used.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretJwtES384Fail");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtES512Fail()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtES512Fail	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	keyId,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, only symmetric algorithm supported by the OP and the RP can be used.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretJwtES512Fail");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtFail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtFail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 1: Call to Token Endpoint with Auth Method client_secret_basic should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretJwtFail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtFail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtFail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 2: Call to Token Endpoint with Auth Method client_secret_post should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretJwtFail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtFail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtFail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	keyId,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 3: Call to Token Endpoint with Auth Method private_key_jwt should fail.

                                                                                                                                            {
         showTitle("tokenEndpointAuthMethodClientSecretJwtFail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, null);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
 
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtHS256()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtHS256	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, only symmetric algorithm supported by the OP and the RP can be used.

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtHS256");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtHS384()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtHS384	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, only symmetric algorithm supported by the OP and the RP can be used.

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtHS384");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtHS512()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtHS512	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, any algorithm supported by the OP and the RP can be used.

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtHS512");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtRS256Fail()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtRS256Fail	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	keyId,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, only symmetric algorithm supported by the OP and the RP can be used.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretJwtRS256Fail");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtRS384Fail()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtRS384Fail	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	keyId,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, only symmetric algorithm supported by the OP and the RP can be used.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretJwtRS384Fail");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtRS512Fail()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtRS512Fail	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	keyId,
		final String	sectorIdentifierUri
	)		throws Exception

inline

If token_endpoint_auth_signing_alg is omitted in client registration, only symmetric algorithm supported by the OP and the RP can be used.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretJwtRS512Fail");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS512);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS256);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS256);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS256);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS384);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS384);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS384Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS384);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS512);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS512);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                                                                             {
         showTitle("tokenEndpointAuthMethodClientSecretJwtSigningAlgHS512Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.HS512);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.HS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.HS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretPost()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretPost	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Register a client with Token Endpoint Auth Method client_secret_post. Read client to check whether it is using the Token Endpoint Auth Method client_secret_post. Request authorization code. Call to Token Endpoint with Auth Method client_secret_post.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretPost");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_POST.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodClientSecretPostFail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretPostFail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 1: Call to Token Endpoint with Auth Method client_secret_basic should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretPostFail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_POST.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretPostFail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretPostFail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 2: Call to Token Endpoint with Auth Method client_secret_jwt should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodClientSecretPostFail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_POST.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodClientSecretPostFail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodClientSecretPostFail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	keyId,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 3: Call to Token Endpoint with Auth Method private_key_jwt should fail.

                                                                                                                                            {
         showTitle("tokenEndpointAuthMethodClientSecretPostFail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.CLIENT_SECRET_POST.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, null);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
 
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwt()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwt	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Register a client with Token Endpoint Auth Method private_key_jwt. Read client to check whether it is using the Token Endpoint Auth Method private_key_jwt. Request authorization code. Call to Token Endpoint with Auth Method private_key_jwt.

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwt");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtES256()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtES256	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtES256");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtES384()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtES384	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtES384");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtES512()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtES512	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtES512");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtFail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtFail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 1: Call to Token Endpoint with Auth Method client_secret_basic should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtFail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setJwksUri(jwksUri);
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtFail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtFail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 2: Call to Token Endpoint with Auth Method client_secret_post should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtFail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setJwksUri(jwksUri);
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtFail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtFail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

Fail 3: Call to Token Endpoint with Auth Method client_secret_jwt should fail.

                                                                {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtFail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setJwksUri(jwksUri);
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String clientSecret = registerResponse.getClientSecret();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
         tokenRequest.setAuthPassword(clientSecret);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtRS256()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtRS256	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtRS256");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtRS384()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtRS384	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtRS384");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtRS512()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtRS512	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtRS512");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail4()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail4	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail4");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail5()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail5	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES256Fail5");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail4()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail4	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail4");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail5()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail5	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES384Fail5");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail4()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail4	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail4");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail5()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail5	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgES512Fail5");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.ES512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.ES512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail4()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail4	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail4");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail5()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail5	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS256Fail5");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS256);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS256.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail4()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail4	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail4");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail5()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail5	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS384Fail5");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS384);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS384.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getEntity(), "The entity is null");
         assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
         assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
         assertNotNull(tokenResponse.getTokenType(), "The token type is null");
         assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail1()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail1	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail1");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail2()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail2	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail2");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail3()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail3	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail3");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES256);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail4()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail4	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail4");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES384);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail5()

void org.xdi.oxauth.ws.rs.TokenEndpointAuthMethodRestrictionHttpTest.tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail5	(	final String	redirectUris,
		final String	redirectUri,
		final String	userId,
		final String	userSecret,
		final String	clientJwksUri,
		final String	keyId,
		final String	dnName,
		final String	keyStoreFile,
		final String	keyStoreSecret,
		final String	sectorIdentifierUri
	)		throws Exception

inline

                                                                                             {
         showTitle("tokenEndpointAuthMethodPrivateKeyJwtSigningAlgRS512Fail5");
 
         // 1. Register client
         RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
                 StringUtils.spaceSeparatedToList(redirectUris));
         registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         registerRequest.setTokenEndpointAuthSigningAlg(SignatureAlgorithm.RS512);
         registerRequest.setJwksUri(clientJwksUri);
         registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
 
         RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(registerRequest);
         RegisterResponse registerResponse = registerClient.exec();
 
         showClient(registerClient);
         assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
         assertNotNull(registerResponse.getClientId());
         assertNotNull(registerResponse.getClientSecret());
         assertNotNull(registerResponse.getRegistrationAccessToken());
         assertNotNull(registerResponse.getClientIdIssuedAt());
         assertNotNull(registerResponse.getClientSecretExpiresAt());
 
         String clientId = registerResponse.getClientId();
         String registrationAccessToken = registerResponse.getRegistrationAccessToken();
         String registrationClientUri = registerResponse.getRegistrationClientUri();
 
         // 2. Client read
         RegisterRequest readClientRequest = new RegisterRequest(registrationAccessToken);
 
         RegisterClient readClient = new RegisterClient(registrationClientUri);
         readClient.setRequest(readClientRequest);
         RegisterResponse readClientResponse = readClient.exec();
 
         showClient(readClient);
         assertEquals(readClientResponse.getStatus(), 200, "Unexpected response code: " + readClientResponse.getEntity());
         assertNotNull(readClientResponse.getClientId());
         assertNotNull(readClientResponse.getClientSecret());
         assertNotNull(readClientResponse.getClientIdIssuedAt());
         assertNotNull(readClientResponse.getClientSecretExpiresAt());
 
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_METHOD.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_METHOD.toString()),
                 AuthenticationMethod.PRIVATE_KEY_JWT.toString());
         assertTrue(readClientResponse.getClaims().containsKey(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()));
         assertEquals(readClientResponse.getClaims().get(TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString()),
                 SignatureAlgorithm.RS512.toString());
         assertNotNull(readClientResponse.getClaims().get(RESPONSE_TYPES.toString()));
         assertNotNull(readClientResponse.getClaims().get(REDIRECT_URIS.toString()));
         assertNotNull(readClientResponse.getClaims().get(APPLICATION_TYPE.toString()));
         assertNotNull(readClientResponse.getClaims().get(CLIENT_NAME.toString()));
         assertNotNull(readClientResponse.getClaims().get(ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
         assertNotNull(readClientResponse.getClaims().get(SCOPE.toString()));
 
         // 3. Request authorization
         List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
         List<String> scopes = Arrays.asList(
                 "openid",
                 "profile",
                 "address",
                 "email");
         String state = UUID.randomUUID().toString();
 
         AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
         authorizationRequest.setState(state);
 
         AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
                 authorizationEndpoint, authorizationRequest, userId, userSecret);
 
         assertNotNull(authorizationResponse.getLocation(), "The location is null");
         assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
         assertNotNull(authorizationResponse.getState(), "The state is null");
         assertNotNull(authorizationResponse.getScope(), "The scope is null");
         assertNull(authorizationResponse.getIdToken(), "The id token is not null");
 
         String authorizationCode = authorizationResponse.getCode();
 
         // 4. Get Access Token
         OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
 
         TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
         tokenRequest.setAuthenticationMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
         tokenRequest.setAlgorithm(SignatureAlgorithm.ES512);
         tokenRequest.setCryptoProvider(cryptoProvider);
         tokenRequest.setKeyId(keyId);
         tokenRequest.setAudience(tokenEndpoint);
         tokenRequest.setCode(authorizationCode);
         tokenRequest.setRedirectUri(redirectUri);
         tokenRequest.setAuthUsername(clientId);
 
         TokenClient tokenClient = new TokenClient(tokenEndpoint);
         tokenClient.setRequest(tokenRequest);
         TokenResponse tokenResponse = tokenClient.exec();
 
         showClient(tokenClient);
         assertEquals(tokenResponse.getStatus(), 401, "Unexpected response code: " + tokenResponse.getStatus());
         assertNotNull(tokenResponse.getErrorType(), "The error type is null");
         assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
     }

◆ waitForResourceOwnerAndGrantLoginForm() [1/2]

String org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest,
		boolean	cleanupCookies
	)

inlineinherited

Try to open login form (via the user-agent)

                                                                                                     {
         String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
 
         AuthorizeClient authorizeClient = new AuthorizeClient(authorizeUrl);
         authorizeClient.setRequest(authorizationRequest);
 
         System.out.println("waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:" + authorizationRequestUrl);
         startSelenium();
         if (cleanupCookies) {
             System.out.println("waitForResourceOwnerAndGrantLoginForm: Cleaning cookies");
             deleteAllCookies();
         }
         driver.navigate().to(authorizationRequestUrl);
 
         WebElement usernameElement = driver.findElement(By.name(loginFormUsername));
         WebElement passwordElement = driver.findElement(By.name(loginFormPassword));
         WebElement loginButton = driver.findElement(By.name(loginFormLoginButton));
 
         if ((usernameElement == null) || (passwordElement == null) || (loginButton == null)) {
             return null;
         }
 
         Cookie sessionStateCookie = driver.manage().getCookieNamed("session_state");
         String sessionState = null;
         if (sessionStateCookie != null) {
             sessionState = sessionStateCookie.getValue();
         }
         System.out.println("waitForResourceOwnerAndGrantLoginForm: sessionState:" + sessionState);
 
         stopSelenium();
 
         showClientUserAgent(authorizeClient);
 
         return sessionState;
     }

◆ waitForResourceOwnerAndGrantLoginForm() [2/2]

String org.xdi.oxauth.BaseTest.waitForResourceOwnerAndGrantLoginForm	(	String	authorizeUrl,
		AuthorizationRequest	authorizationRequest
	)

inlineinherited

Try to open login form (via the user-agent)

                                                                             {
         return waitForResourceOwnerAndGrantLoginForm(authorizeUrl, authorizationRequest, true);
     }

メンバ詳解

◆ authorizationEndpoint

String org.xdi.oxauth.BaseTest.authorizationEndpoint

protectedinherited

◆ authorizationPageEndpoint

String org.xdi.oxauth.BaseTest.authorizationPageEndpoint

protectedinherited

◆ checkSessionIFrame

String org.xdi.oxauth.BaseTest.checkSessionIFrame

protectedinherited

◆ clientInfoEndpoint

String org.xdi.oxauth.BaseTest.clientInfoEndpoint

protectedinherited

◆ configurationEndpoint

String org.xdi.oxauth.BaseTest.configurationEndpoint

protectedinherited

◆ driver

WebDriver org.xdi.oxauth.BaseTest.driver

protectedinherited

◆ endSessionEndpoint

String org.xdi.oxauth.BaseTest.endSessionEndpoint

protectedinherited

◆ gluuConfigurationEndpoint

String org.xdi.oxauth.BaseTest.gluuConfigurationEndpoint

protectedinherited

◆ idGenEndpoint

String org.xdi.oxauth.BaseTest.idGenEndpoint

protectedinherited

◆ introspectionEndpoint

String org.xdi.oxauth.BaseTest.introspectionEndpoint

protectedinherited

◆ jwksUri

String org.xdi.oxauth.BaseTest.jwksUri

protectedinherited

◆ registrationEndpoint

String org.xdi.oxauth.BaseTest.registrationEndpoint

protectedinherited

◆ scopeToClaimsMapping

Map<String, List<String> > org.xdi.oxauth.BaseTest.scopeToClaimsMapping

protectedinherited

◆ testData

FileConfiguration org.xdi.oxauth.ConfigurableTest.testData

staticinherited

◆ tokenEndpoint

String org.xdi.oxauth.BaseTest.tokenEndpoint

protectedinherited

◆ userInfoEndpoint

String org.xdi.oxauth.BaseTest.userInfoEndpoint

protectedinherited

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxAuth/Client/src/test/java/org/xdi/oxauth/ws/rs/TokenEndpointAuthMethodRestrictionHttpTest.java

公開メンバ関数

静的公開メンバ関数

静的公開変数類

限定公開変数類

詳解

関数詳解

◆ assertErrorResponse()

◆ authenticateResourceOwner()

◆ authenticateResourceOwnerAndDenyAccess()

◆ authenticateResourceOwnerAndGrantAccess() [1/4]

◆ authenticateResourceOwnerAndGrantAccess() [2/4]

◆ authenticateResourceOwnerAndGrantAccess() [3/4]

◆ authenticateResourceOwnerAndGrantAccess() [4/4]

◆ authorizationRequestAndDenyAccess()

◆ authorizationRequestAndGrantAccess()

◆ clientExecutor() [1/2]

◆ clientExecutor() [2/2]

◆ createDeployment()

◆ createHttpClient() [1/2]

◆ createHttpClient() [2/2]

◆ createHttpClientTrustAll()

◆ discovery()

◆ fails()

◆ getAuthorizationEndpoint()

◆ getCheckSessionIFrame()

◆ getClientInfoEndpoint()

◆ getConfigurationEndpoint()

◆ getDriver()

◆ getEndSessionEndpoint()

◆ getIdGenEndpoint()

◆ getIntrospectionEndpoint()

◆ getJwksUri()

◆ getRegistrationEndpoint()

◆ getScopeToClaimsMapping()

◆ getTokenEndpoint()

◆ getUserInfoEndpoint()

◆ initTestSuite()

◆ omittedTokenEndpointAuthMethod()

◆ output()

◆ setAuthorizationEndpoint()

◆ setCheckSessionIFrame()

◆ setClientInfoEndpoint()

◆ setConfigurationEndpoint()

◆ setDriver()

◆ setEndSessionEndpoint()

◆ setIdGenEndpoint()

◆ setIntrospectionEndpoint()

◆ setJwksUri()

◆ setRegistrationEndpoint()

◆ setScopeToClaimsMapping()

◆ setTokenEndpoint()

◆ setUserInfoEndpoint()

◆ showClient() [1/2]

◆ showClient() [2/2]

◆ showClientUserAgent()

◆ showEntity()

◆ showResponse() [1/2]

◆ showResponse() [2/2]

◆ showTitle() [1/2]

◆ showTitle() [2/2]

◆ startSelenium()

◆ stopSelenium()

◆ tokenEndpointAuthMethodClientSecretBasic()

◆ tokenEndpointAuthMethodClientSecretBasicFail1()

◆ tokenEndpointAuthMethodClientSecretBasicFail2()

◆ tokenEndpointAuthMethodClientSecretBasicFail3()

◆ tokenEndpointAuthMethodClientSecretJwt()

◆ tokenEndpointAuthMethodClientSecretJwtES256Fail()

◆ tokenEndpointAuthMethodClientSecretJwtES384Fail()

◆ tokenEndpointAuthMethodClientSecretJwtES512Fail()

◆ tokenEndpointAuthMethodClientSecretJwtFail1()

◆ tokenEndpointAuthMethodClientSecretJwtFail2()

◆ tokenEndpointAuthMethodClientSecretJwtFail3()

◆ tokenEndpointAuthMethodClientSecretJwtHS256()

◆ tokenEndpointAuthMethodClientSecretJwtHS384()

◆ tokenEndpointAuthMethodClientSecretJwtHS512()

◆ tokenEndpointAuthMethodClientSecretJwtRS256Fail()

◆ tokenEndpointAuthMethodClientSecretJwtRS384Fail()

◆ tokenEndpointAuthMethodClientSecretJwtRS512Fail()

◆ tokenEndpointAuthMethodClientSecretJwtSigningAlgHS256()