Client-specific access token expiration
Showing
10 changed files
with
283 additions
and
78 deletions.
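--- /dev/null
+++ b/Client/src/test/java/org/xdi/oxauth/ws/rs/ClientSpecificAccessTokenExpiration.java
@@ -0,0 +1,154 @@
+/*
+* oxAuth is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.
+*
+* Copyright (c) 2014, Gluu
+*/
+
+package org.xdi.oxauth.ws.rs;
+
+import org.testng.annotations.Parameters;
+import org.testng.annotations.Test;
+import org.xdi.oxauth.BaseTest;
+import org.xdi.oxauth.client.*;
+import org.xdi.oxauth.model.common.AuthenticationMethod;
+import org.xdi.oxauth.model.common.GrantType;
+import org.xdi.oxauth.model.common.ResponseType;
+import org.xdi.oxauth.model.common.SubjectType;
+import org.xdi.oxauth.model.jwt.JwtClaimName;
+import org.xdi.oxauth.model.register.ApplicationType;
+import org.xdi.oxauth.model.util.StringUtils;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.UUID;
+
+import static org.testng.Assert.*;
+
+/**
+* @author Javier Rojas Blum
+* @version November 28, 2018
+*/
+public class ClientSpecificAccessTokenExpiration extends BaseTest {
+
+@Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri"})
+@Test
+public void authorizationCodeFlow(
+final String userId, final String userSecret, final String redirectUris, final String redirectUri,
+final String sectorIdentifierUri) throws Exception {
+showTitle("authorizationCodeFlow");
+
+List<ResponseType> responseTypes = Arrays.asList(
+ResponseType.CODE,
+ResponseType.ID_TOKEN);
+List<String> scopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
+
+// 1. Register client
+RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
+StringUtils.spaceSeparatedToList(redirectUris));
+registerRequest.setResponseTypes(responseTypes);
+registerRequest.setScope(scopes);
+registerRequest.setSubjectType(SubjectType.PAIRWISE);
+registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
+registerRequest.setAccessTokenLifetime(3);
+
+RegisterClient registerClient = new RegisterClient(registrationEndpoint);
+registerClient.setRequest(registerRequest);
+RegisterResponse registerResponse = registerClient.exec();
+
+showClient(registerClient);
+assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
+assertNotNull(registerResponse.getClientId());
+assertNotNull(registerResponse.getClientSecret());
+assertNotNull(registerResponse.getRegistrationAccessToken());
+assertNotNull(registerResponse.getClientIdIssuedAt());
+assertNotNull(registerResponse.getClientSecretExpiresAt());
+
+String clientId = registerResponse.getClientId();
+String clientSecret = registerResponse.getClientSecret();
+
+// 2. Request authorization and receive the authorization code.
+String nonce = UUID.randomUUID().toString();
+String state = UUID.randomUUID().toString();
+
+AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
+authorizationRequest.setState(state);
+
+AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
+authorizationEndpoint, authorizationRequest, userId, userSecret);
+
+assertNotNull(authorizationResponse.getLocation(), "The location is null");
+assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
+assertNotNull(authorizationResponse.getState(), "The state is null");
+assertNotNull(authorizationResponse.getScope(), "The scope is null");
+
+String scope = authorizationResponse.getScope();
+String authorizationCode = authorizationResponse.getCode();
+String idToken = authorizationResponse.getIdToken();
+
+// 3. Request access token using the authorization code.
+TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
+tokenRequest.setCode(authorizationCode);
+tokenRequest.setRedirectUri(redirectUri);
+tokenRequest.setAuthUsername(clientId);
+tokenRequest.setAuthPassword(clientSecret);
+tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
+
+TokenClient tokenClient = new TokenClient(tokenEndpoint);
+tokenClient.setRequest(tokenRequest);
+TokenResponse tokenResponse = tokenClient.exec();
+
+showClient(tokenClient);
+assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
+assertNotNull(tokenResponse.getEntity(), "The entity is null");
+assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
+assertNotNull(tokenResponse.getExpiresIn(), "The expires in value is null");
+assertNotNull(tokenResponse.getTokenType(), "The token type is null");
+assertNotNull(tokenResponse.getRefreshToken(), "The refresh token is null");
+
+String accessToken = tokenResponse.getAccessToken();
+
+// 4. Request user info
+{
+UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
+UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
+
+showClient(userInfoClient);
+assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.BIRTHDATE));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.FAMILY_NAME));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.GENDER));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.GIVEN_NAME));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.MIDDLE_NAME));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.NICKNAME));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.PICTURE));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.PREFERRED_USERNAME));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.PROFILE));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.WEBSITE));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL_VERIFIED));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.PHONE_NUMBER_VERIFIED));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.ADDRESS));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.LOCALE));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.ZONEINFO));
+assertNotNull(userInfoResponse.getClaim(JwtClaimName.USER_NAME));
+assertNull(userInfoResponse.getClaim("org_name"));
+assertNull(userInfoResponse.getClaim("work_phone"));
+}
+
+Thread.sleep(5000);
+
+// 5. Request user info
+{
+UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
+UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
+
+showClient(userInfoClient);
+assertEquals(userInfoResponse.getStatus(), 400, "Unexpected response code: " + userInfoResponse.getStatus());
+assertNotNull(userInfoResponse.getErrorType(), "Unexpected result: errorType not found");
+assertNotNull(userInfoResponse.getErrorDescription(), "Unexpected result: errorDescription not found");
+}
+}
+}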
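Review bot: The test never verifies that the client-specific lifetime set by `registerRequest.setAccessTokenLifetime(3)` was actually applied to the issued token; step 3 only asserts that `expires_in` is non-null, so the 400 in step 5 would also be produced by a shorter server default or by any other token-validation failure. After the `getExpiresIn()` assertion I would pin the value, e.g. `assertEquals(tokenResponse.getExpiresIn().intValue(), 3, "Client-specific access token lifetime was not applied");` (assuming `getExpiresIn()` returns a boxed integer, which the hunk does not show). Step 5 likewise asserts only that some error type is present; comparing `userInfoResponse.getErrorType()` against the endpoint's invalid-token error value would stop an unrelated 400 from passing as expiration. The lifetime of 3 and `Thread.sleep(5000)` are coupled magic numbers; a single constant such as `private static final int ACCESS_TOKEN_LIFETIME_SECONDS = 3;` with the sleep derived from it would keep them from drifting apart, and the unused locals `scope` and `idToken` could be dropped.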