// Excerpt: builds an authorization request that forces both re-authentication and a
// fresh consent screen (Prompt.LOGIN + Prompt.CONSENT), then sends it with the
// resource owner's credentials in an HTTP Basic "Authorization" header.
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
// The last constructor argument (the nonce, going by the sibling calls that pass `nonce`) is null here.
// NOTE(review): responseTypes is not visible in this excerpt; if it includes an implicit/hybrid
// type, a nonce is needed to bind the ID token to this request — confirm.
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.LOGIN);
authorizationRequest.getPrompts().add(Prompt.CONSENT);
authorizationRequest.setAuthUsername(userId);
authorizationRequest.setAuthPassword(userSecret);
// (excerpt: the receiver expression of .target(...) is not shown)
// NOTE(review): the username/password were set on the same object that is serialized here;
// confirm getQueryString() does not also emit them, or they end up in the URL and access logs.
.target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
// HTTP Basic is an encoding, not encryption: this header is only as confidential as the transport.
request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
// Excerpt of exec(): assembles an authorization request from the enclosing object's fields,
// optionally attaches a JWT request object, and builds the final authorization URL.
// Lines are elided in the source listing (braces do not balance), so the nesting shown
// below is presentational and may not match the real method.
public void exec() {
    try {
        AuthorizationRequest req = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
        req.setState(state);
        req.setRequestUri(requestUri);
        req.setMaxAge(maxAge);
        // Space-separated string inputs are split into lists before being set.
        req.setUiLocales(StringUtils.spaceSeparatedToList(uiLocales));
        req.setClaimsLocales(StringUtils.spaceSeparatedToList(claimsLocales));
        req.setIdTokenHint(idTokenHint);
        req.setLoginHint(loginHint);
        req.setAcrValues(StringUtils.spaceSeparatedToList(acrValues));
        if (org.apache.commons.lang.StringUtils.isNotBlank(claims)) {
            // claims is parsed as JSON only when non-blank.
            // NOTE(review): how a malformed claims string is handled depends on the catch block, which is not shown.
            req.setClaims(new JSONObject(claims));
            req.setRegistration(registration);
            req.setDisplay(display);
            req.getPrompts().addAll(prompt);
            req.setRequest(jwtAuthorizationRequest.getEncodedJwt());
        } else {
            if (isKeyIdRequired()) {
                // Variant that passes a key set (jwks) when encoding the request object.
                req.setRequest(jwtAuthorizationRequest.getEncodedJwt(jwks));
            } else {
                // The request object is constructed from the request plus the encryption alg/enc
                // settings and the client secret.
                // NOTE(review): how clientSecret is used (signing vs. key derivation) is not visible here — confirm,
                // and make sure the secret itself is never logged alongside the encoded JWT.
                jwtAuthorizationRequest = new JwtAuthorizationRequest( req, requestObjectEncryptionAlg, requestObjectEncryptionEnc, clientSecret);
                req.setRequest(jwtAuthorizationRequest.getEncodedJwt());
                // Final URL = endpoint + "?" + serialized request; it carries state/nonce and the request object.
                String authorizationRequest = authorizationEndpoint + "?" + req.getQueryString();
// Excerpt: builds an authorization-code request from application configuration and
// produces the URL the user agent is redirected to.
final AuthorizationRequest authorizationRequest = new AuthorizationRequest(Arrays.asList(ResponseType.CODE), this.clientId, this.appConfiguration.getOpenIdScopes(), this.appConfiguration.getOpenIdRedirectUrl(), null);
// state and nonce are set explicitly; the nonce constructor argument above is null and is supplied here instead.
authorizationRequest.setState(state);
authorizationRequest.setNonce(nonce);
// (excerpt: the loop that supplies `entry` is not shown)
// NOTE(review): where the custom parameter map comes from is not visible; if any of it is
// request-derived, confirm it cannot override standard parameters such as redirect_uri or scope.
authorizationRequest.addCustomParameter(entry.getKey(), entry.getValue());
final String redirectionUrl = this.openIdConfiguration.getAuthorizationEndpoint() + "?" + authorizationRequest.getQueryString();
// The complete URL, including the state and nonce set above and every custom parameter,
// is written to the debug log; treat that log as sensitive or redact the query string.
logger.debug("oxAuth redirection Url: '{}'", redirectionUrl);
/**
 * Copies the parameters of an authorization request onto this object's fields.
 *
 * <p>A {@code null} request is ignored and leaves every field untouched.
 *
 * <p>NOTE(review): collection-valued fields (response types, scopes, prompts, locales,
 * ACR values) are assigned whatever the getters return; whether those are defensive
 * copies or the request's own lists is not visible here — confirm before mutating them.
 *
 * @param authorizationRequest the request to copy from, may be {@code null}
 */
private void setAuthorizationRequestParams(AuthorizationRequest authorizationRequest) {
    if (authorizationRequest == null) {
        return;
    }
    final AuthorizationRequest src = authorizationRequest;

    // Core OAuth 2.0 parameters.
    this.responseTypes = src.getResponseTypes();
    this.clientId = src.getClientId();
    this.scopes = src.getScopes();
    this.redirectUri = src.getRedirectUri();
    this.state = src.getState();

    // OpenID Connect parameters.
    this.nonce = src.getNonce();
    this.display = src.getDisplay();
    this.prompts = src.getPrompts();
    this.maxAge = src.getMaxAge();
    this.uiLocales = src.getUiLocales();
    this.claimsLocales = src.getClaimsLocales();
    this.idTokenHint = src.getIdTokenHint();
    this.loginHint = src.getLoginHint();
    this.acrValues = src.getAcrValues();
    this.registration = src.getRegistration();

    // The request's "request session id" flag is stored under the name requestUniqueId.
    this.requestUniqueId = src.isRequestSessionId();
}
// Excerpt: creates an authorization-code request, stores it via setRequest(...), and then
// configures it through getRequest(). Statements are elided between the calls shown.
List<ResponseType> responseTypes = new ArrayList<ResponseType>();
responseTypes.add(ResponseType.CODE);
setRequest(new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce));
// redirectUri was already passed to the constructor; this sets it a second time.
getRequest().setRedirectUri(redirectUri);
getRequest().setState(state);
getRequest().setRequest(req);
// NOTE(review): this overwrites the redirect URI with reqUri. Given it follows setRequest(req),
// a request_uri setter may have been intended — confirm, since a wrong redirect URI changes
// where the authorization response is delivered.
getRequest().setRedirectUri(reqUri);
getRequest().setDisplay(display);
getRequest().getPrompts().addAll(prompt);
/**
 * Builds an authorization request with a freshly generated {@code state} value and runs
 * it through the resource-owner authentication/consent helper.
 *
 * <p>NOTE(review): the generated state is local to this method and is not compared with
 * the state echoed in the response here; callers that rely on the state check should
 * verify it against the request stored in the returned response/client — confirm.
 *
 * @param userId        resource owner login passed to the authentication helper
 * @param userSecret    resource owner password passed to the authentication helper
 * @param redirectUri   redirect URI placed in the request
 * @param responseTypes response types placed in the request
 * @param scopes        scopes placed in the request
 * @param clientId      client identifier placed in the request
 * @param nonce         nonce placed in the request
 * @param useNewDriver  forwarded unchanged to the authentication helper
 * @return the response produced by {@code authenticateResourceOwnerAndGrantAccess}
 */
private AuthorizationResponse requestAuthorization(final String userId, final String userSecret,
        final String redirectUri, List<ResponseType> responseTypes, List<String> scopes, String clientId,
        String nonce, boolean useNewDriver) {
    // One random UUID per call, so no two requests share a state value.
    final String freshState = UUID.randomUUID().toString();

    final AuthorizationRequest request =
            new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    request.setState(freshState);

    return authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, request, userId, userSecret, true, useNewDriver);
}
/**
 * Negative test: a {@code token} (implicit) request sent without a client id and without
 * scopes must be rejected with HTTP 400 and a populated error type, error description
 * and state.
 *
 * <p>NOTE(review): the state is only asserted to be non-null; comparing it with the value
 * sent would also prove the server echoes the caller's state rather than some other one.
 */
@Parameters({"userId", "userSecret", "redirectUri"})
@Test
public void requestAuthorizationTokenFail1(
        final String userId, final String userSecret, final String redirectUri) throws Exception {
    showTitle("requestAuthorizationTokenFail1");

    final String sentState = UUID.randomUUID().toString();
    final List<ResponseType> implicitOnly = Arrays.asList(ResponseType.TOKEN);

    // client id, scopes and nonce are deliberately null: the request is invalid by construction.
    final AuthorizationRequest invalidRequest =
            new AuthorizationRequest(implicitOnly, null, null, redirectUri, null);
    invalidRequest.setState(sentState);
    invalidRequest.setAuthUsername(userId);
    invalidRequest.setAuthPassword(userSecret);

    final AuthorizeClient client = new AuthorizeClient(authorizationEndpoint);
    client.setRequest(invalidRequest);
    final AuthorizationResponse result = client.exec();

    showClient(client);
    assertEquals(result.getStatus(), 400, "Unexpected response code: " + result.getStatus());
    assertNotNull(result.getErrorType(), "The error type is null");
    assertNotNull(result.getErrorDescription(), "The error description is null");
    assertNotNull(result.getState(), "The state is null");
}
// Excerpt: authorization request with Prompt.NONE, i.e. the caller asks the server not to
// show any login or consent UI, so the outcome depends on an already established session/consent.
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
// Nonce argument is null. NOTE(review): responseTypes is not visible; confirm no ID token
// is returned from the authorization endpoint without a nonce.
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId1, scopes, redirectUri, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
// (excerpt: the receiver expression of .target(...) is not shown)
.target(url.toString() + authorizePath + "?" + authorizationRequest.getQueryString()).request();
// Excerpt: attaches a JWT request object that asks for a specific subject identifier
// in the ID token. Construction of jwtAuthorizationRequest is elided.
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
// Requests the "sub" claim with a single required value (userId).
// NOTE(review): the relying party should still compare the returned sub with userId itself;
// whether the surrounding test does so is not visible here.
jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.SUBJECT_IDENTIFIER, ClaimValue.createSingleValue(userId)));
String authJwt = jwtAuthorizationRequest.getEncodedJwt();
// The encoded JWT is sent as the request object of the authorization request.
authorizationRequest.setRequest(authJwt);
// Excerpt: three consecutive Prompt.NONE authorization-code requests. The first identifies
// the user through custom parameters and asks for a session id; the second reuses that
// session id; the third carries neither. Constructor arguments and the exec/response
// handling between the statements are elided in the listing.
AuthorizationRequest authorizationRequest1 = new AuthorizationRequest( Arrays.asList(ResponseType.CODE), clientId,
// (excerpt: remaining constructor arguments not shown)
// User attributes are supplied as custom parameters rather than through a login form.
authorizationRequest1.addCustomParameter("mail", userEmail);
authorizationRequest1.addCustomParameter("inum", userInum);
authorizationRequest1.getPrompts().add(Prompt.NONE);
authorizationRequest1.setState(state1);
// Parameters go in the form-encoded request body instead of the URL.
authorizationRequest1.setAuthorizationMethod(AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER);
authorizationRequest1.setRequestSessionId(true);
assertNotNull(authorizationResponse1.getScope(), "The scope is null");
assertNotNull(authorizationResponse1.getState(), "The state is null");
// NOTE(review): this compares the *request's* state with state1, which was assigned to it
// a few statements above, so it does not test the server. Comparing
// authorizationResponse1.getState() with state1 would verify the state round-trip.
assertEquals(authorizationRequest1.getState(), state1);
AuthorizationRequest authorizationRequest2 = new AuthorizationRequest( Arrays.asList(ResponseType.CODE), clientId,
// (excerpt: remaining constructor arguments not shown)
authorizationRequest2.getPrompts().add(Prompt.NONE);
authorizationRequest2.setState(state2);
// Second request presents the session id; where sessionId is obtained is not shown.
authorizationRequest2.setSessionId(sessionId);
AuthorizationRequest authorizationRequest3 = new AuthorizationRequest( Arrays.asList(ResponseType.CODE), clientId,
// (excerpt: remaining constructor arguments not shown)
authorizationRequest3.getPrompts().add(Prompt.NONE);
authorizationRequest3.setState(state3);
// Excerpt: builds the authorization URL for a chosen authentication mode, using a
// JWT-encoded state and remembering the nonce in the HTTP session.
String encodedState = jwtState.getEncodedJwt();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
// The state parameter is the encoded JWT rather than a bare random string.
// NOTE(review): how jwtState is signed/encrypted is not visible; the callback must validate it before trusting its contents.
authorizationRequest.setState(encodedState);
authorizationRequest.setAcrValues(Arrays.asList(authenticationMode));
// Appends "/<OXAUTH_ACR_VALUES>/<authenticationMode>" to the cookie helper's arguments.
// NOTE(review): authenticationMode is concatenated into this value unescaped; confirm it
// comes from configuration or an allow-list rather than from the incoming request.
updateShibstateCookie(response, currentShibstateCookie, requestUri, "/" + Configuration.OXAUTH_ACR_VALUES + "/" + authenticationMode);
// Nonce is kept server-side in the session, presumably so the callback can compare it with the ID token's nonce — verify against the callback code.
session.setAttribute(Configuration.SESSION_AUTH_NONCE, nonce);
return authorizeUrl + "?" + authorizationRequest.getQueryString();
// Excerpt: Prompt.NONE authorization request that carries the user's id and password as
// custom parameters ("uid"/"pwd") and is submitted as a form POST.
List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
authorizationRequest.addCustomParameter("uid", userId);
// The password travels as an ordinary request parameter named "pwd".
// NOTE(review): keep this request on the POST-body path used below; if it were serialized
// with getQueryString() the password would presumably land in the URL, and from there in
// server logs, browser history and Referer headers — confirm how custom parameters are serialized.
authorizationRequest.addCustomParameter("pwd", userSecret);
// (excerpt: the receiver expression of .post(...) is not shown)
.post(Entity.form(new MultivaluedHashMap<String, String>(authorizationRequest.getParameters())));
String entity = response.readEntity(String.class);
// Excerpt: authorization request asking for a full-page UI (Display.PAGE), with a
// per-request random state value.
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setDisplay(Display.PAGE);
// The state must be compared with the value returned on the redirect; that check is outside this excerpt.
authorizationRequest.setState(state);
// Excerpt: Prompt.NONE request that identifies the user via custom "mail"/"inum"
// parameters and sends all parameters in the form-encoded request body.
String nonce = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
authorizationRequest.getPrompts().add(Prompt.NONE);
// NOTE(review): these parameters name a user without any credential in the visible code;
// the server-side component that accepts them must authenticate the caller by other means — confirm.
authorizationRequest.addCustomParameter("mail", userEmail);
authorizationRequest.addCustomParameter("inum", userInum);
// Body parameters keep the user identifiers out of the request URL.
authorizationRequest.setAuthorizationMethod(AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER);
/**
 * Negative test: an authorization-code request with no client id, scopes, redirect URI
 * or nonce must be rejected with HTTP 400 and a populated error type and description.
 *
 * <p>No state is sent, and none is asserted on the response.
 */
@Parameters({"userId", "userSecret"})
@Test
public void requestAuthorizationCodeFail1(final String userId, final String userSecret) throws Exception {
    showTitle("requestAuthorizationCodeFail1");

    final List<ResponseType> codeOnly = Arrays.asList(ResponseType.CODE);

    // Every optional-looking argument is null on purpose: only the response type is supplied.
    final AuthorizationRequest emptyRequest = new AuthorizationRequest(codeOnly, null, null, null, null);
    emptyRequest.setAuthUsername(userId);
    emptyRequest.setAuthPassword(userSecret);

    final AuthorizeClient client = new AuthorizeClient(authorizationEndpoint);
    client.setRequest(emptyRequest);
    final AuthorizationResponse result = client.exec();

    showClient(client);
    assertEquals(result.getStatus(), 400, "Unexpected response code: " + result.getStatus());
    assertNotNull(result.getErrorType(), "The error type is null");
    assertNotNull(result.getErrorDescription(), "The error description is null");
}
// Excerpt: authorization request carrying three arbitrary custom parameters alongside
// the standard ones, with a per-request random state value.
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
// NOTE(review): custom parameters are presumably serialized next to the standard ones;
// confirm a custom name cannot shadow a standard parameter such as redirect_uri.
authorizationRequest.addCustomParameter("customParam1", "value1");
authorizationRequest.addCustomParameter("customParam2", "value2");
authorizationRequest.addCustomParameter("customParam3", "value3");
// Excerpt: authorization request that states which authentication context class
// references (acr_values) the client wants, with a per-request random state value.
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
authorizationRequest.setState(state);
// acr_values is a request, not a guarantee: the relying party should check the acr claim
// of the returned ID token. Whether the surrounding code does so is not visible here.
authorizationRequest.setAcrValues(acrValues);
// Excerpt: authorization request asking for the response to be delivered by form POST
// (ResponseMode.FORM_POST) rather than in the redirect URL, with a per-request random state.
String state = UUID.randomUUID().toString();
AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
// With form_post the response parameters arrive in a POST body, which keeps them out of
// the redirect URL, browser history and Referer headers.
authorizationRequest.setResponseMode(ResponseMode.FORM_POST);
authorizationRequest.setState(state);
// Excerpt of authorizationRequestAndDenyAccess(...): builds the authorization URL and,
// when the resulting location equals the request's redirect URI exactly, marks the
// response as FORM_POST. The listing is truncated (the method body is not closed) and the
// code that produces authorizationResponseStr / authorizationResponse is elided.
public AuthorizationResponse authorizationRequestAndDenyAccess( String authorizeUrl, AuthorizationRequest authorizationRequest) {
    // Full request URL: endpoint + "?" + serialized request parameters.
    String authorizationRequestUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();
    // Exact string equality with the redirect URI (null-safe on the redirect URI side):
    // a match means the response location carries no query or fragment of its own.
    if (authorizationRequest.getRedirectUri() != null && authorizationRequest.getRedirectUri().equals(authorizationResponseStr)) {
        authorizationResponse.setResponseMode(ResponseMode.FORM_POST);
/**
 * Opens the authorization URL in the given browser driver and, when a password is
 * supplied, fills in and submits the login form.
 *
 * <p>The username field is only filled when {@code userId} is non-null; when
 * {@code userSecret} is null the form is not touched at all.
 *
 * <p>NOTE(review): the complete authorization URL, query string included, is printed to
 * standard output. It carries the state/nonce and any custom parameters of the request,
 * so captured test output should be handled like a log that may contain sensitive values.
 *
 * @param currentDriver        browser driver used to navigate and locate form elements
 * @param authorizeUrl         authorization endpoint URL
 * @param authorizationRequest request whose query string is appended to the endpoint
 * @param userId               login to type into the username field, may be {@code null}
 * @param userSecret           password to type into the password field, may be {@code null}
 * @return a new {@code AuthorizeClient} for {@code authorizeUrl} with the request attached
 */
private AuthorizeClient processAuthentication(WebDriver currentDriver, String authorizeUrl,
        AuthorizationRequest authorizationRequest, String userId, String userSecret) {
    final String targetUrl = authorizeUrl + "?" + authorizationRequest.getQueryString();

    final AuthorizeClient client = new AuthorizeClient(authorizeUrl);
    client.setRequest(authorizationRequest);

    System.out.println("authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:" + targetUrl);
    currentDriver.navigate().to(targetUrl);

    // No password means no interactive login: leave the page as loaded.
    if (userSecret == null) {
        return client;
    }

    if (userId != null) {
        currentDriver.findElement(By.name(loginFormUsername)).sendKeys(userId);
    }
    currentDriver.findElement(By.name(loginFormPassword)).sendKeys(userSecret);
    currentDriver.findElement(By.name(loginFormLoginButton)).click();

    return client;
}