Java Code Examples for org.apache.cxf.rs.security.jose.jwt.JwtClaims#setProperty()
The following examples show how to use
org.apache.cxf.rs.security.jose.jwt.JwtClaims#setProperty() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: DefaultJWTClaimsProvider.java From cxf with Apache License 2.0 | 6 votes |
|
protected void handleWSTrustClaims(JWTClaimsProviderParameters jwtClaimsProviderParameters, JwtClaims claims) {
TokenProviderParameters providerParameters = jwtClaimsProviderParameters.getProviderParameters();
// Handle Claims
ProcessedClaimCollection retrievedClaims = ClaimsUtils.processClaims(providerParameters);
if (retrievedClaims != null) {
Iterator<ProcessedClaim> claimIterator = retrievedClaims.iterator();
while (claimIterator.hasNext()) {
ProcessedClaim claim = claimIterator.next();
if (claim.getClaimType() != null && claim.getValues() != null && !claim.getValues().isEmpty()) {
Object claimValues = claim.getValues();
if (claim.getValues().size() == 1) {
claimValues = claim.getValues().get(0);
}
claims.setProperty(translateClaim(claim.getClaimType().toString()), claimValues);
}
}
}
}
Example 2
| Source File: BigQueryServer.java From cxf with Apache License 2.0 | 6 votes |
|
private static ClientAccessToken getAccessToken(PrivateKey privateKey, String issuer) {
JwsHeaders headers = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.RS256);
JwtClaims claims = new JwtClaims();
claims.setIssuer(issuer);
claims.setAudience("https://www.googleapis.com/oauth2/v3/token");
long issuedAt = OAuthUtils.getIssuedAt();
claims.setIssuedAt(issuedAt);
claims.setExpiryTime(issuedAt + 60 * 60);
claims.setProperty("scope", "https://www.googleapis.com/auth/bigquery.readonly");
JwtToken token = new JwtToken(headers, claims);
JwsJwtCompactProducer p = new JwsJwtCompactProducer(token);
String base64UrlAssertion = p.signWith(privateKey);
JwtBearerGrant grant = new JwtBearerGrant(base64UrlAssertion);
WebClient accessTokenService = WebClient.create("https://www.googleapis.com/oauth2/v3/token",
Arrays.asList(new OAuthJSONProvider(),
new AccessTokenGrantWriter()));
WebClient.getConfig(accessTokenService).getInInterceptors().add(new LoggingInInterceptor());
accessTokenService.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_JSON);
return accessTokenService.post(grant, ClientAccessToken.class);
}
Example 3
| Source File: TokenCache.java From g-suite-identity-sync with Apache License 2.0 | 5 votes |
|
private ClientAccessToken getAccessToken() throws NoPrivateKeyException {
JwsHeaders headers = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.RS256);
JwtClaims claims = new JwtClaims();
claims.setIssuer(config.getServiceAccountEmail());
claims.setAudience(config.getServiceAccountTokenUri());
claims.setSubject(config.getServiceAccountSubject());
long issuedAt = OAuthUtils.getIssuedAt();
long tokenTimeout = config.getServiceAccountTokenLifetime();
claims.setIssuedAt(issuedAt);
claims.setExpiryTime(issuedAt + tokenTimeout);
String scopes = String.join(" ", config.getServiceAccountScopes());
claims.setProperty("scope", scopes);
JwtToken token = new JwtToken(headers, claims);
JwsJwtCompactProducer p = new JwsJwtCompactProducer(token);
String base64UrlAssertion = p.signWith(config.readServiceAccountKey());
JwtBearerGrant grant = new JwtBearerGrant(base64UrlAssertion);
WebClient accessTokenService = WebClient.create(config.getServiceAccountTokenUri(),
Arrays.asList(new OAuthJSONProvider(), new AccessTokenGrantWriter()));
accessTokenService.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_JSON);
return accessTokenService.post(grant, ClientAccessToken.class);
}
Example 4
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
|
@org.junit.Test
public void testClaimsAuthorizationNoClaims() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/booksclaims";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "boss");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.post(new Book("book", 123L));
assertEquals(response.getStatus(), 403);
}
Example 5
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
|
@org.junit.Test
public void testClaimsAuthorizationWeakClaims() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/booksclaims";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "boss");
claims.setProperty("http://claims/authentication", "password");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.post(new Book("book", 123L));
assertEquals(response.getStatus(), 403);
}
Example 6
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
|
@org.junit.Test
public void testAuthorizationWrongRolesAllowedAnnotationHEAD() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "manager");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.head();
assertNotEquals(response.getStatus(), 200);
}
Example 7
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
|
@org.junit.Test
public void testAuthorizationWrongRolesAllowedAnnotationGET() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "manager");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.get();
assertNotEquals(response.getStatus(), 200);
}
Example 8
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
|
@org.junit.Test
public void testAuthorizationWrongRolesAllowedAnnotation() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "manager");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.post(new Book("book", 123L));
assertNotEquals(response.getStatus(), 200);
}
Example 9
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
|
@org.junit.Test
public void testAuthorizationRolesAllowedAnnotationHEAD() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "boss");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.head();
assertEquals(response.getStatus(), 200);
}
Example 10
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 5 votes |
|
@org.junit.Test
public void testAuthorizationWrongRole() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/books";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setProperty("role", "manager");
claims.setAudiences(toList(address));
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.post(new Book("book", 123L));
assertNotEquals(response.getStatus(), 200);
}
Example 11
| Source File: AuthTokenProcessorHandler.java From deprecated-security-advanced-modules with Apache License 2.0 | 5 votes |
|
private String createJwt(SamlResponse samlResponse) throws Exception {
JwtClaims jwtClaims = new JwtClaims();
JwtToken jwt = new JwtToken(jwtClaims);
jwtClaims.setNotBefore(System.currentTimeMillis() / 1000);
jwtClaims.setExpiryTime(getJwtExpiration(samlResponse));
jwtClaims.setProperty(this.jwtSubjectKey, this.extractSubject(samlResponse));
if (this.samlSubjectKey != null) {
jwtClaims.setProperty("saml_ni", samlResponse.getNameId());
}
if (samlResponse.getNameIdFormat() != null) {
jwtClaims.setProperty("saml_nif", SamlNameIdFormat.getByUri(samlResponse.getNameIdFormat()).getShortName());
}
String sessionIndex = samlResponse.getSessionIndex();
if (sessionIndex != null) {
jwtClaims.setProperty("saml_si", sessionIndex);
}
if (this.samlRolesKey != null && this.jwtRolesKey != null) {
String[] roles = this.extractRoles(samlResponse);
jwtClaims.setProperty(this.jwtRolesKey, roles);
}
String encodedJwt = this.jwtProducer.processJwt(jwt);
if (token_log.isDebugEnabled()) {
token_log.debug("Created JWT: " + encodedJwt + "\n" + jsonMapReaderWriter.toJson(jwt.getJwsHeaders()) + "\n"
+ JwtUtils.claimsToJson(jwt.getClaims()));
}
return encodedJwt;
}
Example 12
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testAuthorizationRolesAllowedAnnotationGET() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "boss");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.get();
assertEquals(response.getStatus(), 200);
Book returnedBook = response.readEntity(Book.class);
assertEquals(returnedBook.getName(), "book");
assertEquals(returnedBook.getId(), 123L);
}
Example 13
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testAuthorizationRolesAllowedAnnotation() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthzannotations/bookstore/booksrolesallowed";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "boss");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.post(new Book("book", 123L));
assertEquals(response.getStatus(), 200);
Book returnedBook = response.readEntity(Book.class);
assertEquals(returnedBook.getName(), "book");
assertEquals(returnedBook.getId(), 123L);
}
Example 14
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testAuthorization() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/books";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "boss");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.post(new Book("book", 123L));
assertEquals(response.getStatus(), 200);
Book returnedBook = response.readEntity(Book.class);
assertEquals(returnedBook.getName(), "book");
assertEquals(returnedBook.getId(), 123L);
}
Example 15
| Source File: JWTAuthnAuthzTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testClaimsAuthorization() throws Exception {
URL busFile = JWTAuthnAuthzTest.class.getResource("client.xml");
List<Object> providers = new ArrayList<>();
providers.add(new JacksonJsonProvider());
providers.add(new JwtAuthenticationClientFilter());
String address = "https://localhost:" + PORT + "/signedjwtauthz/bookstore/booksclaims";
WebClient client =
WebClient.create(address, providers, busFile.toString());
client.type("application/json").accept("application/json");
// Create the JWT Token
JwtClaims claims = new JwtClaims();
claims.setSubject("alice");
claims.setIssuer("DoubleItSTSIssuer");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(toList(address));
// The endpoint requires a role of "boss"
claims.setProperty("role", "boss");
// We also require a "smartcard" claim
claims.setProperty("http://claims/authentication", "smartcard");
JwtToken token = new JwtToken(claims);
Map<String, Object> properties = new HashMap<>();
properties.put("rs.security.keystore.type", "jwk");
properties.put("rs.security.keystore.alias", "2011-04-29");
properties.put("rs.security.keystore.file",
"org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt");
properties.put("rs.security.signature.algorithm", "RS256");
properties.put(JwtConstants.JWT_TOKEN, token);
WebClient.getConfig(client).getRequestContext().putAll(properties);
Response response = client.post(new Book("book", 123L));
assertEquals(response.getStatus(), 200);
Book returnedBook = response.readEntity(Book.class);
assertEquals(returnedBook.getName(), "book");
assertEquals(returnedBook.getId(), 123L);
}
Example 16
| Source File: OIDCNegativeTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testJWTRequestNonmatchingClientId() throws Exception {
URL busFile = OIDCNegativeTest.class.getResource("client.xml");
String address = "https://localhost:" + port + "/unsignedjwtservices/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
JwtClaims claims = new JwtClaims();
claims.setIssuer("consumer-id");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(
Collections.singletonList("https://localhost:" + port + "/unsignedjwtservices/"));
claims.setProperty("client_id", "consumer-id2");
JwsHeaders headers = new JwsHeaders();
headers.setAlgorithm("none");
JwtToken token = new JwtToken(headers, claims);
JwsJwtCompactProducer jws = new JwsJwtCompactProducer(token);
String request = jws.getSignedEncodedJws();
AuthorizationCodeParameters parameters = new AuthorizationCodeParameters();
parameters.setConsumerId("consumer-id");
parameters.setScope("openid");
parameters.setResponseType("code");
parameters.setPath("authorize/");
parameters.setRequest(request);
// Get Authorization Code
try {
OAuth2TestUtils.getLocation(client, parameters);
fail("Failure expected on a non-matching client id");
} catch (ResponseProcessingException ex) {
// expected
}
}
Example 17
| Source File: OIDCNegativeTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testJWTRequestNonmatchingResponseType() throws Exception {
URL busFile = OIDCNegativeTest.class.getResource("client.xml");
String address = "https://localhost:" + port + "/unsignedjwtservices/";
WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(),
"alice", "security", busFile.toString());
// Save the Cookie for the second request...
WebClient.getConfig(client).getRequestContext().put(
org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
JwtClaims claims = new JwtClaims();
claims.setIssuer("consumer-id");
claims.setIssuedAt(Instant.now().getEpochSecond());
claims.setAudiences(
Collections.singletonList("https://localhost:" + port + "/unsignedjwtservices/"));
claims.setProperty("response_type", "token");
JwsHeaders headers = new JwsHeaders();
headers.setAlgorithm("none");
JwtToken token = new JwtToken(headers, claims);
JwsJwtCompactProducer jws = new JwsJwtCompactProducer(token);
String request = jws.getSignedEncodedJws();
AuthorizationCodeParameters parameters = new AuthorizationCodeParameters();
parameters.setConsumerId("consumer-id");
parameters.setScope("openid");
parameters.setResponseType("code");
parameters.setPath("authorize/");
parameters.setRequest(request);
// Get Authorization Code
try {
OAuth2TestUtils.getLocation(client, parameters);
fail("Failure expected on a non-matching response_type");
} catch (ResponseProcessingException ex) {
// expected
}
}
Example 18
| Source File: JWTTokenValidatorTest.java From cxf with Apache License 2.0 | 4 votes |
|
@Override
public JwtClaims getJwtClaims(JWTClaimsProviderParameters jwtClaimsProviderParameters) {
JwtClaims claims = super.getJwtClaims(jwtClaimsProviderParameters);
claims.setProperty("role", role);
return claims;
}
