Java Code Examples for javax.ws.rs.client.Invocation.Builder#post()

The following examples show how to use javax.ws.rs.client.Invocation.Builder#post() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.

Example 1

Source File: IntrospectionWebServiceEmbeddedTest.java From oxAuth with MIT License

6 votes

@Test(dependsOnMethods = "requestTokenToIntrospect")
@Parameters({ "introspectionPath" })
public void introspection(final String introspectionPath) throws Exception {
	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + introspectionPath).request();

	request.header("Accept", "application/json");
	request.header("Authorization", "Bearer " + authorization.getAccessToken());
	Response response = request.post(Entity.form(new Form("token", tokenToIntrospect.getAccessToken())));

	String entity = response.readEntity(String.class);
	showResponse("introspection", response, entity);

	assertEquals(response.getStatus(), 200);
	try {
		final IntrospectionResponse t = ServerUtil.createJsonMapper().readValue(entity,
				IntrospectionResponse.class);
		assertTrue(t != null && t.isActive());
	} catch (Exception e) {
		e.printStackTrace();
		fail();
	}
}

Example 2

Source File: AzureInteractiveLoginStatusCheckerTask.java From cloudbreak with Apache License 2.0

6 votes

private String createResourceToken(String refreshToken, String tenantId, String resource) throws InteractiveLoginException {
    Form resourceTokenForm = createResourceTokenForm(refreshToken, resource);
    WebTarget webTarget = ClientBuilder.newClient().target(LOGIN_MICROSOFTONLINE);
    Builder request = webTarget.path(tenantId + "/oauth2/token").queryParam("api-version", "1.0").request();
    request.accept(MediaType.APPLICATION_JSON);
    try (Response response = request.post(Entity.entity(resourceTokenForm, MediaType.APPLICATION_FORM_URLENCODED_TYPE))) {
        if (response.getStatusInfo().getFamily() != Family.SUCCESSFUL) {
            throw new InteractiveLoginException("Obtain access token for " + resource + " failed "
                    + "with tenant ID: " + tenantId + ", status code " + response.getStatus()
                    + ", error message: " + response.readEntity(String.class));
        }
        String responseString = response.readEntity(String.class);
        try {
            return new ObjectMapper().readTree(responseString).get("access_token").asText();
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }
}

Example 3

Source File: TokenRestWebServiceEmbeddedTest.java From oxAuth with MIT License

6 votes

@Parameters({"tokenPath", "userId", "userSecret", "audience"})
@Test
public void requestAccessTokenWithClientSecretJwtFail(final String tokenPath, final String userId,
                                                      final String userSecret, final String audience) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);

    TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    tokenRequest.setUsername(userId);
    tokenRequest.setPassword(userSecret);
    tokenRequest.setScope("email read_stream manage_pages");

    tokenRequest.setAuthPassword("INVALID_SECRET");
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    tokenRequest.setAudience(audience);

    Response response = request
            .post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwt Fail", response, entity);

    assertEquals(response.getStatus(), 401, "Unexpected response code.");
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("error"), "The error type is null");
        assertTrue(jsonObj.has("error_description"), "The error description is null");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 4

Source File: ClientAuthenticationFilterEmbeddedTest.java From oxAuth with MIT License

5 votes

@Parameters({"registerPath", "redirectUris"})
@Test
public void requestClientRegistrationWithCustomAttributes(final String registerPath, final String redirectUris)
		throws Exception {
	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String registerRequestContent = null;
	try {
		List<ResponseType> responseTypes = Arrays.asList(ResponseType.CODE, ResponseType.TOKEN,
				ResponseType.ID_TOKEN);

		customAttrValue1 = UUID.randomUUID().toString();
		RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setResponseTypes(responseTypes);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
		registerRequest.addCustomAttribute("myCustomAttr1", customAttrValue1);

		List<GrantType> grantTypes = Arrays.asList(
				GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
		);
		registerRequest.setGrantTypes(grantTypes);

		registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException e) {
		e.printStackTrace();
		fail(e.getMessage());
	}

	Response response = request.post(Entity.json(registerRequestContent));
	String entity = response.readEntity(String.class);

	showResponse("requestClientRegistrationWithCustomAttributes", response, entity);

	ResponseAsserter responseAsserter = ResponseAsserter.of(response.getStatus(), entity);
	responseAsserter.assertRegisterResponse();
	clientId = responseAsserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}

Example 5

Source File: ClientAuthenticationFilterEmbeddedTest.java From oxAuth with MIT License

5 votes

@Parameters({"tokenPath", "userId", "userSecret"})
@Test(dependsOnMethods = "requestClientRegistrationWithCustomAttributes")
public void requestAccessTokenCustomClientAuth2(final String tokenPath, final String userId,
												final String userSecret) throws Exception {
	Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();

	TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
	tokenRequest.setUsername(userId);
	tokenRequest.setPassword(userSecret);
	tokenRequest.setScope("profile email");
	tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
	tokenRequest.addCustomParameter("myCustomAttr1", customAttrValue1);

	Response response = request
			.post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
	String entity = response.readEntity(String.class);

	showResponse("requestAccessTokenCustomClientAuth2", response, entity);

	assertEquals(response.getStatus(), 200, "Unexpected response code.");
	assertTrue(
			response.getHeaderString("Cache-Control") != null
					&& response.getHeaderString("Cache-Control").equals("no-store"),
			"Unexpected result: " + response.getHeaderString("Cache-Control"));
	assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"),
			"Unexpected result: " + response.getHeaderString("Pragma"));
	assertTrue(!entity.equals(null), "Unexpected result: " + entity);
	try {
		JSONObject jsonObj = new JSONObject(entity);
		assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
		assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
		assertTrue(jsonObj.has("refresh_token"), "Unexpected result: refresh_token not found");
		assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
	} catch (JSONException e) {
		e.printStackTrace();
		fail(e.getMessage() + "\nResponse was: " + entity);
	}
}

Example 6

Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License

5 votes

/**
 * Fail 2: Call to Token Endpoint with Auth Method
 * <code>client_secret_jwt</code> should fail.
 */
@Parameters({"tokenPath", "audience", "userId", "userSecret"})
@Test(dependsOnMethods = "tokenEndpointAuthMethodClientSecretBasicStep2")
public void tokenEndpointAuthMethodClientSecretBasicFail2(final String tokenPath, final String audience,
                                                          final String userId, final String userSecret) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();

    TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    tokenRequest.setAudience(audience);
    tokenRequest.setUsername(userId);
    tokenRequest.setPassword(userSecret);
    tokenRequest.setScope("email read_stream manage_pages");
    tokenRequest.setAuthUsername(clientId2);
    tokenRequest.setAuthPassword(clientSecret2);

    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);

    Response response = request
            .post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);

    showResponse("tokenEndpointAuthMethodClientSecretBasicFail2", response, entity);

    assertEquals(response.getStatus(), 401, "Unexpected response code.");
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("error"), "The error type is null");
        assertTrue(jsonObj.has("error_description"), "The error description is null");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 7

Source File: TokenEndpointAuthMethodRestrictionEmbeddedTest.java From oxAuth with MIT License

5 votes

/**
 * Fail 2: Call to Token Endpoint with Auth Method
 * <code>client_secret_post</code> should fail.
 */
@Parameters({"tokenPath", "userId", "userSecret"})
@Test(dependsOnMethods = "tokenEndpointAuthMethodClientSecretJwtStep2")
public void tokenEndpointAuthMethodClientSecretJwtFail2(final String tokenPath, final String userId,
                                                        final String userSecret) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();

    TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
    tokenRequest.setUsername(userId);
    tokenRequest.setPassword(userSecret);
    tokenRequest.setScope("email read_stream manage_pages");
    tokenRequest.setAuthUsername(clientId4);
    tokenRequest.setAuthPassword(clientSecret4);

    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);

    Response response = request
            .post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);

    showResponse("tokenEndpointAuthMethodClientSecretJwtFail2", response, entity);

    assertEquals(response.getStatus(), 401, "Unexpected response code.");
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("error"), "The error type is null");
        assertTrue(jsonObj.has("error_description"), "The error description is null");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 8

Source File: TokenRestWebServiceEmbeddedTest.java From oxAuth with MIT License

5 votes

@Parameters({"tokenPath", "redirectUri"})
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAccessToken(final String tokenPath, final String redirectUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();

    TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
    tokenRequest.setCode("6f6f3f01-a034-4336-bf31-2e74868e5838");
    tokenRequest.setRedirectUri(redirectUri);
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);

    request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);

    Response response = request
            .post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessToken", response, entity);

    assertEquals(response.getStatus(), 400, "Unexpected response code.");
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("error"), "The error type is null");
        assertTrue(jsonObj.has("error_description"), "The error description is null");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 9

Source File: TokenRestWebServiceWithHSAlgEmbeddedTest.java From oxAuth with MIT License

4 votes

@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtHS512Step1(final String registerPath, final String redirectUris,
                                                            final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtHS512Step1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId3 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret3 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 10

Source File: TokenRestWebServiceEmbeddedTest.java From oxAuth with MIT License

4 votes

@Parameters({"tokenPath", "userId", "userSecret"})
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAccessTokenPassword(final String tokenPath, final String userId, final String userSecret)
        throws Exception {
    // Testing with valid parameters
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();

    TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    tokenRequest.setUsername(userId);
    tokenRequest.setPassword(userSecret);
    tokenRequest.setScope("email read_stream manage_pages");
    tokenRequest.setAuthUsername(clientId);
    tokenRequest.setAuthPassword(clientSecret);

    request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);

    Response response = request
            .post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenPassword", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code.");
    assertTrue(
            response.getHeaderString("Cache-Control") != null
                    && response.getHeaderString("Cache-Control").equals("no-store"),
            "Unexpected result: " + response.getHeaderString("Cache-Control"));
    assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"),
            "Unexpected result: " + response.getHeaderString("Pragma"));
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
        assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
        assertTrue(jsonObj.has("refresh_token"), "Unexpected result: refresh_token not found");
        assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 11

Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java From oxAuth with MIT License

4 votes

@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtRS384Step1(final String registerPath, final String redirectUris,
                                                            final String jwksUri) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtRS384Step1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId2 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret2 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 12

Source File: TokenRestWebServiceWithRSAlgEmbeddedTest.java From oxAuth with MIT License

4 votes

@Parameters({"tokenPath", "userId", "userSecret", "audience", "RS384_keyId", "keyStoreFile", "keyStoreSecret"})
@Test(dependsOnMethods = "requestAccessTokenWithClientSecretJwtRS384X509CertStep1")
public void requestAccessTokenWithClientSecretJwtRS384X509CertStep2(final String tokenPath, final String userId,
                                                                    final String userSecret, final String audience, final String keyId, final String keyStoreFile,
                                                                    final String keyStoreSecret) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();

    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);

    OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, null);

    TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    tokenRequest.setUsername(userId);
    tokenRequest.setPassword(userSecret);
    tokenRequest.setScope("email read_stream manage_pages");

    tokenRequest.setAuthUsername(clientId5);
    tokenRequest.setAuthPassword(clientSecret5);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    tokenRequest.setAlgorithm(SignatureAlgorithm.RS384);
    tokenRequest.setKeyId(keyId);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setAudience(audience);

    Response response = request
            .post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));
    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtRS384X509CertStep2", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code.");
    assertTrue(
            response.getHeaderString("Cache-Control") != null
                    && response.getHeaderString("Cache-Control").equals("no-store"),
            "Unexpected result: " + response.getHeaderString("Cache-Control"));
    assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"),
            "Unexpected result: " + response.getHeaderString("Pragma"));
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
        assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
        assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 13

Source File: TokenRestWebServiceWithESAlgEmbeddedTest.java From oxAuth with MIT License

4 votes

@Parameters({"registerPath", "redirectUris", "clientJwksUri"})
@Test
public void requestAccessTokenWithClientSecretJwtES256X509CertStep1(final String registerPath,
                                                                    final String redirectUris, final String jwksUri) throws Exception {

    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.PRIVATE_KEY_JWT);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    List<GrantType> grantTypes = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    registerRequest.setGrantTypes(grantTypes);

    String registerRequestContent = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    Response response = request.post(Entity.json(registerRequestContent));

    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtES256X509CertStep1", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has(RegisterResponseParam.CLIENT_ID.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET.toString()));
        assertTrue(jsonObj.has(REGISTRATION_ACCESS_TOKEN.toString()));
        assertTrue(jsonObj.has(REGISTRATION_CLIENT_URI.toString()));
        assertTrue(jsonObj.has(CLIENT_ID_ISSUED_AT.toString()));
        assertTrue(jsonObj.has(CLIENT_SECRET_EXPIRES_AT.toString()));

        clientId4 = jsonObj.getString(RegisterResponseParam.CLIENT_ID.toString());
        clientSecret4 = jsonObj.getString(CLIENT_SECRET.toString());
    } catch (JSONException e) {
        e.printStackTrace();
        fail(e.getMessage() + "\nResponse was: " + entity);
    }
}

Example 14

Source File: TokenRestWebServiceWithHSAlgEmbeddedTest.java From oxAuth with MIT License

4 votes

@Parameters({"tokenPath", "userId", "userSecret", "audience"})
@Test(dependsOnMethods = "requestAccessTokenWithClientSecretJwtHS512Step1")
public void requestAccessTokenWithClientSecretJwtHS512Step2(final String tokenPath, final String userId,
                                                            final String userSecret, final String audience) throws Exception {
    Builder request = ResteasyClientBuilder.newClient().target(url.toString() + tokenPath).request();

    request.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);

    OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider();

    TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
    tokenRequest.setUsername(userId);
    tokenRequest.setPassword(userSecret);
    tokenRequest.setScope("email read_stream manage_pages");

    tokenRequest.setAuthUsername(clientId3);
    tokenRequest.setAuthPassword(clientSecret3);
    tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
    tokenRequest.setCryptoProvider(cryptoProvider);
    tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
    tokenRequest.setAudience(audience);

    Response response = request
            .post(Entity.form(new MultivaluedHashMap<String, String>(tokenRequest.getParameters())));

    String entity = response.readEntity(String.class);

    showResponse("requestAccessTokenWithClientSecretJwtHS512Step2", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code.");
    assertTrue(
            response.getHeaderString("Cache-Control") != null
                    && response.getHeaderString("Cache-Control").equals("no-store"),
            "Unexpected result: " + response.getHeaderString("Cache-Control"));
    assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"),
            "Unexpected result: " + response.getHeaderString("Pragma"));
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        JSONObject jsonObj = new JSONObject(entity);
        assertTrue(jsonObj.has("access_token"), "Unexpected result: access_token not found");
        assertTrue(jsonObj.has("token_type"), "Unexpected result: token_type not found");
        assertTrue(jsonObj.has("scope"), "Unexpected result: scope not found");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}

Example 15