@Parameters({ "registerPath", "redirectUris" }) @Test public void sectorIdentifierUrlVerificationFail1(final String registerPath, final String redirectUris) throws Exception { Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request(); String registerRequestContent = null; try { RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); registerRequest.setSectorIdentifierUri("https://INVALID_SECTOR_IDENTIFIER_URL"); registerRequestContent = registerRequest.getJSONParameters().toString(4); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage()); } Response response = request.post(Entity.json(registerRequestContent)); String entity = response.readEntity(String.class); showResponse("sectorIdentifierUrlVerificationFail1", response, entity); assertEquals(response.getStatus(), 400, "Unexpected response code. " + entity); assertNotNull(entity, "Unexpected result: " + entity); try { JSONObject jsonObj = new JSONObject(entity); assertTrue(jsonObj.has("error"), "The error type is null"); assertTrue(jsonObj.has("error_description"), "The error description is null"); } catch (JSONException e) { e.printStackTrace(); fail(e.getMessage() + "\nResponse was: " + entity); } }
@Parameters({"redirectUris", "sectorIdentifierUri"}) @Test public void requestClientAssociate1(final String redirectUris, final String sectorIdentifierUri) throws Exception { showTitle("requestClientAssociate1"); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getClientId()); assertNotNull(response.getClientSecret()); assertNotNull(response.getRegistrationAccessToken()); assertNotNull(response.getClientSecretExpiresAt()); }
@Parameters({"redirectUris", "sectorIdentifierUri"}) @Test public void requestClientAssociate3(final String redirectUris, final String sectorIdentifierUri) throws Exception { showTitle("requestClientAssociate3"); String softwareId = UUID.randomUUID().toString(); String softwareVersion = "version_3.1.5"; RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); registerRequest.setSoftwareId(softwareId); registerRequest.setSoftwareVersion(softwareVersion); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getClientId()); assertNotNull(response.getClientSecret()); assertNotNull(response.getRegistrationAccessToken()); assertNotNull(response.getClientSecretExpiresAt()); assertTrue(response.getClaims().containsKey(SOFTWARE_ID.toString())); assertEquals(response.getClaims().get(SOFTWARE_ID.toString()), softwareId); assertTrue(response.getClaims().containsKey(SOFTWARE_VERSION.toString())); assertEquals(response.getClaims().get(SOFTWARE_VERSION.toString()), softwareVersion); }
@Parameters({"sectorIdentifierUri"}) @Test public void rejectsSectorIdentifierNotContainingRegisteredRedirectUriValues(final String sectorIdentifierUri) throws Exception { showTitle("OC5:FeatureTest-Rejects Sector Identifier Not Containing Registered redirect uri Values"); List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList("https://not_registered")); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); registerRequest.setResponseTypes(responseTypes); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 400, "Unexpected response code: " + registerResponse.getStatus()); assertNotNull(registerResponse.getErrorType(), "The error type is null"); assertNotNull(registerResponse.getErrorDescription(), "The error description is null"); } }
@Parameters({"redirectUris"}) @Test public void sectorIdentifierUrlVerificationFail1(final String redirectUris) throws Exception { showTitle("sectorIdentifierUrlVerificationFail1"); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); registerRequest.setSectorIdentifierUri("https://INVALID_SECTOR_IDENTIFIER_URL"); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 400, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getEntity(), "The entity is null"); assertNotNull(response.getErrorType(), "The error type is null"); assertNotNull(response.getErrorDescription(), "The error description is null"); }
@Parameters({"sectorIdentifierUri"}) @Test public void sectorIdentifierUrlVerificationFail2(final String sectorIdentifierUri) throws Exception { showTitle("sectorIdentifierUrlVerificationFail2"); String redirectUris = "https://INVALID_REDIRECT_URI https://client.example.com/cb https://client.example.com/cb1 https://client.example.com/cb2"; RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 400, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getEntity(), "The entity is null"); assertNotNull(response.getErrorType(), "The error type is null"); assertNotNull(response.getErrorDescription(), "The error description is null"); }
private RegisterResponse registerClient(final String redirectUris, final List<ResponseType> responseTypes, final List<GrantType> grantTypes, final String sectorIdentifierUri) { RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setResponseTypes(responseTypes); registerRequest.setGrantTypes(grantTypes); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); registerRequest.setSubjectType(SubjectType.PAIRWISE); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity()); assertNotNull(registerResponse.getClientId()); assertNotNull(registerResponse.getClientSecret()); assertNotNull(registerResponse.getRegistrationAccessToken()); assertNotNull(registerResponse.getClientIdIssuedAt()); assertNotNull(registerResponse.getClientSecretExpiresAt()); return registerResponse; }
private RegisterResponse registerClient( final String redirectUris, List<ResponseType> responseTypes, List<String> scopes, String sectorIdentifierUri) { RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setResponseTypes(responseTypes); registerRequest.setScope(scopes); registerRequest.setSubjectType(SubjectType.PAIRWISE); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity()); assertNotNull(registerResponse.getClientId()); assertNotNull(registerResponse.getClientSecret()); assertNotNull(registerResponse.getRegistrationAccessToken()); assertNotNull(registerResponse.getClientIdIssuedAt()); assertNotNull(registerResponse.getClientSecretExpiresAt()); return registerResponse; }
private RegisterResponse registerClient( final String redirectUris, List<ResponseType> responseTypes, List<String> scopes, String sectorIdentifierUri) { RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setResponseTypes(responseTypes); registerRequest.setScope(scopes); registerRequest.setSubjectType(SubjectType.PAIRWISE); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity()); assertNotNull(registerResponse.getClientId()); assertNotNull(registerResponse.getClientSecret()); assertNotNull(registerResponse.getRegistrationAccessToken()); assertNotNull(registerResponse.getClientIdIssuedAt()); assertNotNull(registerResponse.getClientSecretExpiresAt()); return registerResponse; }
@Parameters({"redirectUris", "sectorIdentifierUri"}) @Test public void registerWithApplicationTypeNativeAndSubjectTypePairwise( final String redirectUris, final String sectorIdentifierUri) throws Exception { showTitle("registerWithApplicationTypeNativeAndSubjectTypePairwise"); List<String> redirectUriList = Lists.newArrayList(StringUtils.spaceSeparatedToList(redirectUris)); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.NATIVE, "oxAuth native test app", redirectUriList); registerRequest.setSubjectType(SubjectType.PAIRWISE); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setExecutor(clientExecutor(true)); registerClient.setRequest(registerRequest); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getClientId()); assertNotNull(response.getClientSecret()); assertNotNull(response.getRegistrationAccessToken()); assertNotNull(response.getClientSecretExpiresAt()); }
private RegisterResponse registerClient( final String redirectUris, List<ResponseType> responseTypes, List<String> scopes, String sectorIdentifierUri) { RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setResponseTypes(responseTypes); registerRequest.setScope(scopes); registerRequest.setSubjectType(SubjectType.PAIRWISE); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity()); assertNotNull(registerResponse.getClientId()); assertNotNull(registerResponse.getClientSecret()); assertNotNull(registerResponse.getRegistrationAccessToken()); assertNotNull(registerResponse.getClientIdIssuedAt()); assertNotNull(registerResponse.getClientSecretExpiresAt()); return registerResponse; } }
registerRequest.setResponseTypes(responseTypes); registerRequest.setGrantTypes(grantTypes); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); registerRequest.addCustomAttribute("oxAuthTrustedClient", "true"); registerRequest.addCustomAttribute("myCustomAttr1", customAttrValue1);
/** * Register with pairwise Subject Type and without Sector Identifier URI must fail because there are multiple * hostnames in the Redirect URI list. */ @Parameters({"redirectUris"}) @Test public void sectorIdentifierUrlVerificationFail3(final String redirectUris) throws Exception { showTitle("sectorIdentifierUrlVerificationFail3"); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setSubjectType(SubjectType.PAIRWISE); registerRequest.setSectorIdentifierUri(null); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 400, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getEntity(), "The entity is null"); assertNotNull(response.getErrorType(), "The error type is null"); assertNotNull(response.getErrorDescription(), "The error description is null"); } }
private RegisterResponse registerClient( final String redirectUris, List<ResponseType> responseTypes, List<String> scopes, String sectorIdentifierUri) { RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth benchmark test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setResponseTypes(responseTypes); registerRequest.setScope(scopes); registerRequest.setSubjectType(SubjectType.PAIRWISE); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity()); assertNotNull(registerResponse.getClientId()); assertNotNull(registerResponse.getClientSecret()); assertNotNull(registerResponse.getRegistrationAccessToken()); assertNotNull(registerResponse.getClientIdIssuedAt()); assertNotNull(registerResponse.getClientSecretExpiresAt()); return registerResponse; }
private RegisterResponse registerClient( final String redirectUris, List<ResponseType> responseTypes, List<String> scopes, String sectorIdentifierUri) { RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth benchmark test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setResponseTypes(responseTypes); registerRequest.setScope(scopes); registerRequest.setSubjectType(SubjectType.PAIRWISE); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); RegisterResponse registerResponse = registerClient.exec(); showClient(registerClient); assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity()); assertNotNull(registerResponse.getClientId()); assertNotNull(registerResponse.getClientSecret()); assertNotNull(registerResponse.getRegistrationAccessToken()); assertNotNull(registerResponse.getClientIdIssuedAt()); assertNotNull(registerResponse.getClientSecretExpiresAt()); return registerResponse; }
@Parameters({"redirectUris", "sectorIdentifierUri"}) @Test public void requestClientAssociate(final String redirectUris, final String sectorIdentifierUri) throws Exception { showTitle("requestClientAssociate"); RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(registerRequest); registerClient.setExecutor(clientExecutor(true)); RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getClientId()); assertNotNull(response.getClientSecret()); assertNotNull(response.getRegistrationAccessToken()); assertNotNull(response.getClientSecretExpiresAt()); assertNotNull(response.getClaims().get(SCOPE.toString())); registrationAccessToken1 = response.getRegistrationAccessToken(); registrationClientUri1 = response.getRegistrationClientUri(); }
@Parameters({"redirectUris", "sectorIdentifierUri"}) @Test // ATTENTION : uncomment test annotation only if 112-customAttributes.ldif (located in server test resources) // is loaded by ldap server. public void requestClientRegistrationWithCustomAttributes( final String redirectUris, final String sectorIdentifierUri) throws Exception { showTitle("requestClientRegistrationWithCustomAttributes"); final RegisterRequest request = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(redirectUris)); // custom attribute must be declared in oxauth-config.xml in dynamic-registration-custom-attribute tag request.addCustomAttribute("myCustomAttr1", "customAttrValue1"); request.addCustomAttribute("myCustomAttr2", "customAttrValue2"); request.setSectorIdentifierUri(sectorIdentifierUri); final RegisterClient registerClient = new RegisterClient(registrationEndpoint); registerClient.setRequest(request); final RegisterResponse response = registerClient.exec(); showClient(registerClient); assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity()); assertNotNull(response.getClientId()); assertNotNull(response.getClientSecret()); assertNotNull(response.getRegistrationAccessToken()); assertNotNull(response.getClientSecretExpiresAt()); }
StringUtils.spaceSeparatedToList(redirectUris)); registerRequest.setResponseTypes(responseTypes); registerRequest.setSectorIdentifierUri(sectorIdentifierUri);
registerRequest.setPolicyUri("http://www.gluu.org/policy"); registerRequest.setJwksUri(clientJwksUri); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); registerRequest.setSubjectType(SubjectType.PUBLIC); registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
registerRequest.setPolicyUri("http://www.gluu.org/policy"); registerRequest.setJwksUri(clientJwksUri); registerRequest.setSectorIdentifierUri(sectorIdentifierUri); registerRequest.setSubjectType(SubjectType.PUBLIC); registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);