/**
 * Builds an authorization request with a freshly generated {@code state} and submits it
 * through {@code authenticateResourceOwnerAndGrantAccess}.
 *
 * <p>This overload makes no assertions on the response; it is returned exactly as the
 * helper produced it.
 *
 * @param userId        resource owner login passed to the helper
 * @param userSecret    resource owner secret passed to the helper
 * @param redirectUri   redirect URI placed in the request
 * @param responseTypes response types placed in the request
 * @param scopes        scopes placed in the request
 * @param clientId      client identifier placed in the request
 * @param nonce         nonce placed in the request
 * @param useNewDriver  forwarded unchanged to the helper
 * @return the response returned by the helper
 */
private AuthorizationResponse requestAuthorization(
        final String userId, final String userSecret, final String redirectUri,
        List<ResponseType> responseTypes, List<String> scopes, String clientId, String nonce,
        boolean useNewDriver) {
    final String requestState = UUID.randomUUID().toString();

    final AuthorizationRequest request =
            new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    request.setState(requestState);

    // The literal `true` is a flag defined by the helper, whose signature is not shown here.
    return authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, request, userId, userSecret, true, useNewDriver);
}
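/**
 * Requests an authorization code on behalf of the given resource owner and checks the
 * response.
 *
 * <p>A random {@code state} is attached to the request. The response must carry a location,
 * a code, a scope and a state, and the returned state must equal the one that was sent.
 *
 * @param userId        resource owner login passed to the helper
 * @param userSecret    resource owner secret passed to the helper
 * @param redirectUri   redirect URI placed in the request
 * @param responseTypes response types placed in the request
 * @param scopes        scopes placed in the request
 * @param clientId      client identifier placed in the request
 * @param nonce         nonce placed in the request
 * @return the validated authorization response
 */
private AuthorizationResponse requestAuthorization(
        final String userId, final String userSecret, final String redirectUri,
        List<ResponseType> responseTypes, List<String> scopes, String clientId, String nonce) {
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest =
            new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getScope(), "The scope is null");

    // A non-null state is not sufficient: the state parameter only binds the response to
    // this request if the server echoes the exact value that was sent.
    if (!state.equals(authorizationResponse.getState())) {
        throw new AssertionError("The state does not match the value sent in the request");
    }

    return authorizationResponse;
}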
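/**
 * Runs the authorization request for the given resource owner and validates the
 * authorization-code response.
 *
 * <p>The request carries a random {@code state}; besides the presence checks on location,
 * code, state and scope, the returned state is compared with the value that was sent.
 *
 * @param userId        resource owner login passed to the helper
 * @param userSecret    resource owner secret passed to the helper
 * @param redirectUri   redirect URI placed in the request
 * @param responseTypes response types placed in the request
 * @param scopes        scopes placed in the request
 * @param clientId      client identifier placed in the request
 * @param nonce         nonce placed in the request
 * @return the validated authorization response
 */
private AuthorizationResponse requestAuthorization(
        final String userId, final String userSecret, final String redirectUri,
        List<ResponseType> responseTypes, List<String> scopes, String clientId, String nonce) {
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest =
            new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getScope(), "The scope is null");

    // Presence alone would accept any state; require the exact value sent so a response
    // that belongs to a different request fails the test.
    if (!state.equals(authorizationResponse.getState())) {
        throw new AssertionError("The state does not match the value sent in the request");
    }

    return authorizationResponse;
}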
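/**
 * Requests an authorization code for the given resource owner and validates the response.
 *
 * <p>A random {@code state} is sent with the request. The response must contain a location,
 * a code, a scope and a state equal to the one sent.
 *
 * @param userId        resource owner login passed to the helper
 * @param userSecret    resource owner secret passed to the helper
 * @param redirectUri   redirect URI placed in the request
 * @param responseTypes response types placed in the request
 * @param scopes        scopes placed in the request
 * @param clientId      client identifier placed in the request
 * @param nonce         nonce placed in the request
 * @return the validated authorization response
 */
private AuthorizationResponse requestAuthorization(
        final String userId, final String userSecret, final String redirectUri,
        List<ResponseType> responseTypes, List<String> scopes, String clientId, String nonce) {
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest =
            new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getScope(), "The scope is null");

    // The state value protects the redirect only when it round-trips unchanged, so compare
    // it with what was sent instead of accepting any non-null value.
    if (!state.equals(authorizationResponse.getState())) {
        throw new AssertionError("The state does not match the value sent in the request");
    }

    return authorizationResponse;
}
} // closes the enclosing class, which opens outside this excerpt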
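/**
 * Requests an authorization code for the given resource owner, forwarding the expected
 * number of authorization steps to the helper, and validates the response.
 *
 * <p>A random {@code state} is sent with the request. The response must contain a location,
 * a code, a scope and a state equal to the one sent.
 *
 * @param userId          resource owner login passed to the helper
 * @param userSecret      resource owner secret passed to the helper
 * @param redirectUri     redirect URI placed in the request
 * @param responseTypes   response types placed in the request
 * @param scopes          scopes placed in the request
 * @param clientId        client identifier placed in the request
 * @param nonce           nonce placed in the request
 * @param countAuthzSteps forwarded unchanged to the helper
 * @return the validated authorization response
 */
private AuthorizationResponse requestAuthorization(
        final String userId, final String userSecret, final String redirectUri,
        List<ResponseType> responseTypes, List<String> scopes, String clientId, String nonce,
        int countAuthzSteps) {
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest =
            new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    // `true, false` are flags defined by the helper, whose signature is not shown here.
    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret, true, false, countAuthzSteps);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getScope(), "The scope is null");

    // A non-null state is not sufficient: it must be the exact value sent with this request.
    if (!state.equals(authorizationResponse.getState())) {
        throw new AssertionError("The state does not match the value sent in the request");
    }

    return authorizationResponse;
}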
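/**
 * Performs the authorization request for the given resource owner and validates the
 * authorization-code response.
 *
 * <p>The request carries a random {@code state}. Location, code, state and scope must be
 * present in the response, and the state must equal the one that was sent.
 *
 * @param userId        resource owner login passed to the helper
 * @param userSecret    resource owner secret passed to the helper
 * @param redirectUri   redirect URI placed in the request
 * @param responseTypes response types placed in the request
 * @param scopes        scopes placed in the request
 * @param clientId      client identifier placed in the request
 * @param nonce         nonce placed in the request
 * @return the validated authorization response
 */
private AuthorizationResponse requestAuthorization(
        final String userId, final String userSecret, final String redirectUri,
        List<ResponseType> responseTypes, List<String> scopes, String clientId, String nonce) {
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest =
            new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getScope(), "The scope is null");

    // Compare the echoed state with the value sent; checking only for non-null would let
    // a response carrying some other state pass.
    if (!state.equals(authorizationResponse.getState())) {
        throw new AssertionError("The state does not match the value sent in the request");
    }

    return authorizationResponse;
}
} // closes the enclosing class, which opens outside this excerpt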
// Excerpt: `authorizationRequest` and `state` are declared outside this snippet.
// Attaches the state value, then adds prompt=none, which in OpenID Connect asks the server
// to answer without showing any login or consent page.
authorizationRequest.setState(state); authorizationRequest.getPrompts().add(Prompt.NONE);
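/**
 * Requests authorization for the given resource owner and validates a response that is
 * expected to carry an access token and an ID token.
 *
 * <p>A random {@code nonce} and {@code state} are generated for the request. The response
 * must contain a location, access token, token type, expiry, scope, ID token and a state
 * equal to the one sent.
 *
 * @param userId        resource owner login passed to the helper
 * @param userSecret    resource owner secret passed to the helper
 * @param redirectUri   redirect URI placed in the request
 * @param responseTypes response types placed in the request
 * @param clientId      client identifier placed in the request
 * @param scopes        scopes placed in the request
 * @return the validated authorization response
 */
private AuthorizationResponse requestAuthorization(
        final String userId, final String userSecret, final String redirectUri,
        List<ResponseType> responseTypes, String clientId, List<String> scopes) {
    String nonce = UUID.randomUUID().toString();
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(
            responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getAccessToken(), "The access token is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getTokenType(), "The token type is null");
    assertNotNull(authorizationResponse.getExpiresIn(), "The expires in value is null");
    // These two messages previously read "must be null", the opposite of what is asserted.
    assertNotNull(authorizationResponse.getScope(), "The scope is null");
    assertNotNull(authorizationResponse.getIdToken(), "The id token is null");

    // A non-null state is not sufficient: it must be the exact value sent with this request.
    if (!state.equals(authorizationResponse.getState())) {
        throw new AssertionError("The state does not match the value sent in the request");
    }
    // NOTE(review): the nonce is sent but never compared with the ID token's nonce claim
    // here; confirm that a caller or another test covers that check.

    return authorizationResponse;
}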
// Excerpt: `authorizationRequest` and `state` are declared outside this snippet.
// Attaches the state value, adds prompt=none (no login/consent UI may be shown), and sets a
// deliberately bogus access token on the request.
// NOTE(review): presumably the enclosing test expects the server to reject this token; confirm there.
authorizationRequest.setState(state); authorizationRequest.getPrompts().add(Prompt.NONE); authorizationRequest.setAccessToken("INVALID_ACCESS_TOKEN");
/**
 * Sends an authorization-code request with a client identifier that is not registered and
 * expects the server to refuse it: HTTP 401 with error type {@code UNAUTHORIZED_CLIENT} and
 * an error description.
 *
 * @param redirectUri redirect URI placed in the request
 */
@Parameters({"redirectUri"})
@Test
public void requestAuthorizationCodeFail3(final String redirectUri) throws Exception {
    showTitle("requestAuthorizationCodeFail3");

    final List<ResponseType> codeOnly = Arrays.asList(ResponseType.CODE);

    // 1. Request authorization with an invalid Client ID.
    final String unknownClientId = "@!1111!0008!INVALID_VALUE";
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email");
    final String requestState = UUID.randomUUID().toString();

    final AuthorizationRequest request =
            new AuthorizationRequest(codeOnly, unknownClientId, requestedScopes, redirectUri, null);
    request.setState(requestState);

    // Called directly, without credentials on the request: the request is expected to fail
    // on the client identifier.
    final AuthorizeClient client = new AuthorizeClient(authorizationEndpoint);
    client.setRequest(request);
    final AuthorizationResponse response = client.exec();

    showClient(client);
    assertEquals(response.getStatus(), 401, "Unexpected response code: " + response.getStatus());
    assertEquals(response.getErrorType(), AuthorizeErrorResponseType.UNAUTHORIZED_CLIENT);
    assertNotNull(response.getErrorType(), "The error type is null");
    assertNotNull(response.getErrorDescription(), "The error description is null");
}
// Excerpt: `authorizationRequest`, `state`, `userId` and `userSecret` are declared outside this snippet.
// Attaches the state value and puts the resource owner's username and password on the
// request itself; how the client transmits them is not visible here.
authorizationRequest.setState(state); authorizationRequest.setAuthUsername(userId); authorizationRequest.setAuthPassword(userSecret);
// Excerpt: `authorizationRequest`, `state` and `userId` are declared outside this snippet.
// Attaches the state value, adds prompt=none (no login/consent UI may be shown), and sets
// the resource owner's username. No password is set in the visible lines; it may be set
// after the excerpt ends.
authorizationRequest.setState(state); authorizationRequest.getPrompts().add(Prompt.NONE); authorizationRequest.setAuthUsername(userId);
// Excerpt: `authorizationRequest`, `state` and `userId` are declared outside this snippet.
// Sets the state value, requests prompt=none so the server must not display any
// authentication or consent page, and supplies the username. Whether a password follows
// cannot be seen from this excerpt.
authorizationRequest.setState(state); authorizationRequest.getPrompts().add(Prompt.NONE); authorizationRequest.setAuthUsername(userId);
/**
 * Sends a token request that carries valid resource owner credentials but no client
 * identifier and no scopes, and expects HTTP 400 with an error type, an error description
 * and a state in the response.
 *
 * @param userId      resource owner login set on the request
 * @param userSecret  resource owner secret set on the request
 * @param redirectUri redirect URI placed in the request
 */
@Parameters({"userId", "userSecret", "redirectUri"})
@Test
public void requestAuthorizationTokenFail1(
        final String userId, final String userSecret, final String redirectUri) throws Exception {
    showTitle("requestAuthorizationTokenFail1");

    final List<ResponseType> tokenOnly = Arrays.asList(ResponseType.TOKEN);
    final String requestState = UUID.randomUUID().toString();

    // Client id, scopes and nonce are all null: the missing client id is what makes the
    // request invalid.
    final AuthorizationRequest authorizationRequest =
            new AuthorizationRequest(tokenOnly, null, null, redirectUri, null);
    authorizationRequest.setState(requestState);
    authorizationRequest.setAuthUsername(userId);
    authorizationRequest.setAuthPassword(userSecret);

    final AuthorizeClient client = new AuthorizeClient(authorizationEndpoint);
    client.setRequest(authorizationRequest);
    final AuthorizationResponse authorizationResponse = client.exec();

    showClient(client);
    assertEquals(authorizationResponse.getStatus(), 400,
            "Unexpected response code: " + authorizationResponse.getStatus());
    assertNotNull(authorizationResponse.getErrorType(), "The error type is null");
    assertNotNull(authorizationResponse.getErrorDescription(), "The error description is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
}
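/**
 * Registers a web client dynamically, then requests an authorization code for it and
 * validates the response.
 *
 * <p>The response must contain a location, a code, a scope and a state equal to the one
 * sent with the request.
 *
 * @param redirectUri space-separated redirect URIs; the list is registered with the client
 *                    and the raw string is placed in the authorization request
 * @param userId      resource owner login passed to the helper
 * @param userSecret  resource owner secret passed to the helper
 */
@Parameters({"redirectUri", "userId", "userSecret"})
@Test
public void requestAuthorizationCodeWithoutRedirectUri(
        final String redirectUri, final String userId, final String userSecret) throws Exception {
    showTitle("requestAuthorizationCodeWithoutRedirectUri");

    List<String> redirectUriList = Arrays.asList(redirectUri.split(StringUtils.SPACE));

    // 1. Register the client.
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", redirectUriList);

    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();

    showClient(registerClient);
    assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
    assertNotNull(registerResponse.getClientId());
    assertNotNull(registerResponse.getClientSecret());
    assertNotNull(registerResponse.getRegistrationAccessToken());
    assertNotNull(registerResponse.getClientSecretExpiresAt());

    String clientId = registerResponse.getClientId();

    // 2. Request the authorization code.
    List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE);
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String state = UUID.randomUUID().toString();

    // NOTE(review): despite the test name, redirectUri IS passed to the request here, so
    // the "without redirect URI" case does not appear to be exercised. Confirm the intent.
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, null);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getCode(), "The authorization code is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getScope(), "The scope is null");
    // A non-null state is not sufficient: it must be the exact value sent with this request.
    assertEquals(authorizationResponse.getState(), state, "The state does not match the value sent in the request");
}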
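/**
 * Sends a prompt=none authorization request with the resource owner's credentials and a
 * {@code Sec-Token-Binding} header, then validates a response that is expected to carry an
 * access token and an ID token.
 *
 * <p>A random {@code nonce} and {@code state} are generated for the request. The response
 * must contain a location, access token, token type, expiry, scope, ID token and a state
 * equal to the one sent.
 *
 * @param userId        resource owner login set on the request
 * @param userSecret    resource owner secret set on the request
 * @param redirectUri   redirect URI placed in the request
 * @param responseTypes response types placed in the request
 * @param clientId      client identifier placed in the request
 * @param scopes        scopes placed in the request
 * @return the validated authorization response
 * @throws UnrecoverableKeyException declared for the HTTP client setup
 * @throws NoSuchAlgorithmException  declared for the HTTP client setup
 * @throws KeyStoreException         declared for the HTTP client setup
 * @throws KeyManagementException    declared for the HTTP client setup
 */
private AuthorizationResponse requestAuthorization(
        final String userId, final String userSecret, final String redirectUri,
        List<ResponseType> responseTypes, String clientId, List<String> scopes)
        throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
    String nonce = UUID.randomUUID().toString();
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(
            responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);
    authorizationRequest.setAuthUsername(userId);
    authorizationRequest.setAuthPassword(userSecret);
    authorizationRequest.getPrompts().add(Prompt.NONE);

    AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
    // NOTE(review): judging by its name, createHttpClientTrustAll() returns a client that
    // accepts any server certificate. The resource owner's credentials travel over that
    // connection, so this is only acceptable against a dedicated test server; confirm
    // the helper is never reachable from non-test code.
    authorizeClient.setExecutor(new ApacheHttpClient4Executor(createHttpClientTrustAll()));
    authorizeClient.setRequest(authorizationRequest);
    // Token binding message comes from a constant defined outside this excerpt.
    authorizeClient.getHeaders().put("Sec-Token-Binding", ENCODED_TOKEN_BINDING_MESSAGE);

    AuthorizationResponse authorizationResponse = authorizeClient.exec();

    showClient(authorizeClient);
    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getAccessToken(), "The access token is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    assertNotNull(authorizationResponse.getTokenType(), "The token type is null");
    assertNotNull(authorizationResponse.getExpiresIn(), "The expires in value is null");
    // These two messages previously read "must be null", the opposite of what is asserted.
    assertNotNull(authorizationResponse.getScope(), "The scope is null");
    assertNotNull(authorizationResponse.getIdToken(), "The id token is null");

    // A non-null state is not sufficient: it must be the exact value sent with this request.
    if (!state.equals(authorizationResponse.getState())) {
        throw new AssertionError("The state does not match the value sent in the request");
    }

    return authorizationResponse;
}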
// Excerpt: `authorizationRequest` and `state` are declared outside this snippet.
// Attaches the state value so the response can later be matched to this request.
authorizationRequest.setState(state);
// Excerpt: both names are declared outside this snippet.
// Sets the request's state parameter; a test should compare the echoed value with `state`.
authorizationRequest.setState(state);
// Excerpt: `authorizationRequest` and `state` come from code not shown here.
// Sets the state parameter on the outgoing authorization request.
authorizationRequest.setState(state);
if (useOpenIdRequestObject) { AuthorizationRequest req = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce); req.setState(state); req.setRequestUri(requestUri); req.setMaxAge(maxAge);