Java Code Examples for org.gluu.oxauth.model.common.ResponseType

The following examples show how to use org.gluu.oxauth.model.common.ResponseType. These examples are extracted from open source projects; the source project and file are named above each example.
Example 1
Source Project: oxAuth   Source File: AccessTokenManualTest.java    License: MIT License 6 votes vote down vote up
/**
 * Manual check of how long an issued access token keeps working.
 *
 * Runs one authorization request for the code, id_token and token response
 * types, then calls requestUserInfo with the returned access token 100
 * times, sleeping 10 seconds after each call.
 *
 * NOTE(review): the raw access token is printed to standard output. It is a
 * bearer credential, so the output of this test should stay out of shared
 * build logs.
 */
@Parameters({"userId", "userSecret", "redirectUri", "clientId"})
@Test
public void accessTokenExpiration(final String userId, final String userSecret, final String redirectUri, String clientId) throws Exception {
    showTitle("accessTokenExpiration");

    // Request authorization and keep only the access token from the response.
    final String nonce = UUID.randomUUID().toString();
    final List<ResponseType> requestedTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN, ResponseType.TOKEN);
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
    final String accessToken = requestAuthorization(userId, userSecret, redirectUri, requestedTypes, requestedScopes, clientId, nonce)
            .getAccessToken();

    System.out.println("access_token: " + accessToken);

    // elapsed is the number of seconds slept so far: 10, 20, ... 1000.
    for (int elapsed = 10; elapsed <= 100 * 10; elapsed += 10) {
        requestUserInfo(accessToken);
        sleepSeconds(10);
        System.out.println("Obtained user info successfully, seconds: " + elapsed);
    }
}
 
Example 2
Source Project: oxAuth   Source File: RegistrationRestWebServiceHttpTest.java    License: MIT License 6 votes vote down vote up
/**
 * Registers a client that asks for the code response type without supplying
 * any redirect URI and expects the registration endpoint to answer HTTP 400
 * with an entity, an error type and an error description.
 */
@Test
public void failRegistration_whenRedirectUriIsNotSetForResponseTypeCode() throws Exception {
    showTitle("failRegistration_whenRedirectUriIsNotSetForResponseTypeCode");

    // Only the response type is filled in; the redirect URI is left out on purpose.
    final RegisterRequest registerRequest = new RegisterRequest();
    registerRequest.setResponseTypes(Lists.newArrayList(ResponseType.CODE));

    final RegisterClient client = new RegisterClient(registrationEndpoint);
    client.setExecutor(clientExecutor(true));
    client.setRequest(registerRequest);
    final RegisterResponse registerResponse = client.exec();

    showClient(client);
    assertEquals(registerResponse.getStatus(), 400, "Unexpected response code: " + registerResponse.getEntity());
    assertNotNull(registerResponse.getEntity(), "The entity is null");
    assertNotNull(registerResponse.getErrorType(), "The error type is null");
    assertNotNull(registerResponse.getErrorDescription(), "The error description is null");
}
 
Example 3
Source Project: oxAuth   Source File: SpontaneousScopeHttpTest.java    License: MIT License 6 votes vote down vote up
/**
 * Registers a client, requests authorization with two extra
 * {@code transaction:<id>} scopes, and checks that both come back in the
 * granted scope string while a scope that was never requested does not.
 *
 * NOTE(review): how the registered client is allowed to receive these scopes
 * is decided inside registerClient, which is not visible here.
 */
@Parameters({"userId", "userSecret", "redirectUri"})
@Test
public void spontaneousScope(final String userId, final String userSecret, final String redirectUri) throws Exception {
    showTitle("spontaneousScope");

    final List<ResponseType> requestedTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN, ResponseType.TOKEN);
    final String clientId = registerClient(redirectUri, requestedTypes).getClientId();

    // Request authorization, including the two transaction scopes.
    final List<String> requestedScopes = Lists.newArrayList("openid", "profile", "address", "email", "phone", "user_name",
            "transaction:245", "transaction:8645");
    final AuthorizationResponse authorizationResponse = requestAuthorization(userId, userSecret, redirectUri, requestedTypes, requestedScopes, clientId);

    // The response carries the granted scopes as one space-separated string.
    final List<String> grantedScopes = Arrays.asList(authorizationResponse.getScope().split(" "));

    assertTrue(grantedScopes.contains("transaction:245"));
    assertTrue(grantedScopes.contains("transaction:8645"));
    // Negative control: a scope that was not asked for must not be granted.
    assertFalse(grantedScopes.contains("transaction:not_requested"));
}
 
Example 4
Source Project: oxAuth   Source File: BenchmarkRequestAccessToken.java    License: MIT License 6 votes vote down vote up
/**
 * One-time setup for the benchmark: registers a client for the code and
 * id_token response types, verifies the registration response, and stores
 * the issued client id and client secret on the test instance.
 */
@Parameters({"userId", "userSecret", "redirectUris", "sectorIdentifierUri"})
@BeforeClass
public void registerClient(final String userId, final String userSecret, String redirectUris, String sectorIdentifierUri) throws Exception {
    Reporter.log("Register client", true);

    final List<ResponseType> requestedTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email", "user_name");

    final RegisterResponse registration = registerClient(redirectUris, requestedTypes, requestedScopes, sectorIdentifierUri);

    // A successful registration returns 200 and every credential field.
    assertEquals(registration.getStatus(), 200, "Unexpected response code: " + registration.getEntity());
    assertNotNull(registration.getClientId());
    assertNotNull(registration.getClientSecret());
    assertNotNull(registration.getRegistrationAccessToken());
    assertNotNull(registration.getClientIdIssuedAt());
    assertNotNull(registration.getClientSecretExpiresAt());

    // Kept on the instance for the benchmark methods that run afterwards.
    this.clientId = registration.getClientId();
    this.clientSecret = registration.getClientSecret();
}
 
Example 5
Source Project: oxAuth   Source File: AuthorizationCodeFlowHttpTest.java    License: MIT License 6 votes vote down vote up
/**
 * Builds an authorization request with a fresh random state, runs it through
 * authenticateResourceOwnerAndGrantAccess, and asserts that the response has
 * a location, an authorization code, a state and a scope.
 *
 * NOTE(review): the state is only checked for presence. Comparing it with
 * the value that was sent would also cover the case where the server echoes
 * a different state.
 *
 * @return the authorization response after the presence checks have passed
 */
private AuthorizationResponse requestAuthorization(final String userId, final String userSecret, final String redirectUri,
                                                   List<ResponseType> responseTypes, List<String> scopes, String clientId, String nonce) {
    final AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    request.setState(UUID.randomUUID().toString());

    final AuthorizationResponse result = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, request, userId, userSecret);

    assertNotNull(result.getLocation(), "The location is null");
    assertNotNull(result.getCode(), "The authorization code is null");
    assertNotNull(result.getState(), "The state is null");
    assertNotNull(result.getScope(), "The scope is null");
    return result;
}
 
Example 6
Source Project: oxAuth   Source File: RegistrationRestWebServiceEmbeddedTest.java    License: MIT License 6 votes vote down vote up
/**
 * Posts a registration request that names the code response type but no
 * redirect URI to the embedded server and expects HTTP 400 with an error
 * body accepted by TestUtil.assertErrorResponse.
 */
@Parameters({"registerPath"})
@Test
public void failRegistration_whenRedirectUriIsNotSetForResponseTypeCode(final String registerPath) throws Exception {
    final Builder registerCall = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    String requestJson = null;
    try {
        // All three constructor arguments are null, so no redirect URI is sent.
        final RegisterRequest registerRequest = new RegisterRequest(null, null, null);
        registerRequest.setResponseTypes(Lists.newArrayList(ResponseType.CODE));

        requestJson = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
    } catch (JSONException jsonError) {
        jsonError.printStackTrace();
        fail(jsonError.getMessage());
    }

    final Response response = registerCall.post(Entity.json(requestJson));
    final String entity = response.readEntity(String.class);

    showResponse("requestClientRegistrationFail 1", response, entity);

    assertEquals(response.getStatus(), 400, "Unexpected response code. " + entity);
    TestUtil.assertErrorResponse(entity);
}
 
Example 7
Source Project: oxAuth   Source File: BenchmarkRequestAuthorization.java    License: MIT License 5 votes vote down vote up
/**
 * Builds an authorization request with a fresh random state and returns
 * whatever authenticateResourceOwnerAndGrantAccess produces for it. No
 * assertions are made here; the caller checks the response.
 *
 * @param useNewDriver passed through unchanged to
 *                     authenticateResourceOwnerAndGrantAccess
 */
private AuthorizationResponse requestAuthorization(final String userId, final String userSecret, final String redirectUri,
                                                   List<ResponseType> responseTypes, List<String> scopes, String clientId, String nonce, boolean useNewDriver) {
    final AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    request.setState(UUID.randomUUID().toString());

    return authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, request, userId, userSecret, true, useNewDriver);
}
 
Example 8
Source Project: oxTrust   Source File: UpdateClientAction.java    License: MIT License 5 votes vote down vote up
/**
 * Decides whether this client must have a client secret.
 *
 * Returns {@code false} as soon as any selected response type is "token" or
 * "id_token", or any selected grant type is "implicit" (all compared
 * case-insensitively); otherwise returns {@code true}.
 *
 * NOTE(review): a single matching entry is enough to answer "not required",
 * even when other entries such as the code response type are selected too.
 * Whether a client that mixes both kinds should still be forced to hold a
 * secret cannot be told from this method; confirm against the callers.
 *
 * @return {@code true} when no token/id_token response type and no implicit
 *         grant type is selected
 */
public boolean checkClientSecretRequired() {
	for (ResponseType selectedType : this.responseTypes) {
		final String typeValue = selectedType.getValue();
		if (typeValue.equalsIgnoreCase("token") || typeValue.equalsIgnoreCase("id_token")) {
			return false;
		}
	}
	for (GrantType selectedGrant : this.grantTypes) {
		final boolean isImplicit = selectedGrant.getValue().equalsIgnoreCase("implicit");
		if (isImplicit) {
			return false;
		}
	}
	return true;
}
 
Example 9
Source Project: oxAuth   Source File: ResponseTypesRestrictionEmbeddedTest.java    License: MIT License 5 votes vote down vote up
/**
 * Authorization request with the other Response types combination should
 * fail.
 *
 * For each response-type list from the data provider, sends an authorization
 * request with Prompt.NONE for the client held in clientId1 and passes only
 * when the server answers HTTP 400 with a JSON body that has both "error"
 * and "error_description".
 */
@Test(dependsOnMethods = "omittedResponseTypesStep3b", dataProvider = "responseTypesCodeIdTokenStep4DataProvider")
public void responseTypesCodeIdTokenStep4(final String authorizePath, final String userId, final String userSecret,
                                          final String redirectUri, final List<ResponseType> responseTypes) throws Exception {
    final String nonce = UUID.randomUUID().toString();
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email");

    final AuthorizationRequest authRequest = new AuthorizationRequest(responseTypes, clientId1, requestedScopes,
            redirectUri, nonce);
    // A fixed state value is enough here because the request is expected to be rejected.
    authRequest.setState("af0ifjsldkj");
    authRequest.getPrompts().add(Prompt.NONE);
    authRequest.setAuthUsername(userId);
    authRequest.setAuthPassword(userSecret);

    final String targetUrl = url.toString() + authorizePath + "?" + authRequest.getQueryString();
    final Builder call = ResteasyClientBuilder.newClient().target(targetUrl).request();
    // The resource owner credentials travel in a Basic Authorization header.
    call.header("Authorization", "Basic " + authRequest.getEncodedCredentials());
    call.header("Accept", MediaType.TEXT_PLAIN);

    final Response response = call.get();
    final String entity = response.readEntity(String.class);

    showResponse("responseTypesCodeIdTokenStep4", response, entity);

    if (response.getStatus() != 400) {
        fail("Unexpected response code: " + response.getStatus());
    } else {
        assertNotNull(entity, "Unexpected result: " + entity);
        try {
            final JSONObject errorBody = new JSONObject(entity);
            assertTrue(errorBody.has("error"), "The error type is null");
            assertTrue(errorBody.has("error_description"), "The error description is null");
        } catch (JSONException jsonError) {
            jsonError.printStackTrace();
            fail(jsonError.getMessage() + "\nResponse was: " + entity);
        }
    }
}
 
Example 10
Source Project: oxAuth   Source File: TokenRestWebServiceHttpTest.java    License: MIT License 5 votes vote down vote up
/**
 * Registers a client with an empty response-type list, then presents a
 * made-up authorization code at the token endpoint and expects HTTP 400 with
 * an entity, an error type and an error description.
 */
@Parameters({"redirectUris", "redirectUri", "sectorIdentifierUri"})
@Test
public void requestAccessTokenFail(final String redirectUris, final String redirectUri, final String sectorIdentifierUri) throws Exception {
    showTitle("requestAccessTokenFail");

    // 1. Register client (no response types are requested explicitly)
    final List<ResponseType> noResponseTypes = new ArrayList<ResponseType>();
    final RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(noResponseTypes);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);

    final RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    final RegisterResponse registration = registerClient.exec();

    showClient(registerClient);
    assertEquals(registration.getStatus(), 200, "Unexpected response code: " + registration.getEntity());
    assertNotNull(registration.getClientId());
    assertNotNull(registration.getClientSecret());
    assertNotNull(registration.getRegistrationAccessToken());
    assertNotNull(registration.getClientIdIssuedAt());
    assertNotNull(registration.getClientSecretExpiresAt());

    final String clientId = registration.getClientId();
    final String clientSecret = registration.getClientSecret();

    // 2. Request with invalid Authorization Code: valid client credentials,
    //    but a code the server never issued.
    final TokenClient tokenClient = new TokenClient(tokenEndpoint);
    final TokenResponse tokenResponse = tokenClient.execAuthorizationCode(
            "INVALID_AUTHORIZATION_CODE", redirectUri, clientId, clientSecret);

    showClient(tokenClient);
    assertEquals(tokenResponse.getStatus(), 400, "Unexpected response code: " + tokenResponse.getStatus());
    assertNotNull(tokenResponse.getEntity(), "The entity is null");
    assertNotNull(tokenResponse.getErrorType(), "The error type is null");
    assertNotNull(tokenResponse.getErrorDescription(), "The error description is null");
}
 
Example 11
Source Project: oxAuth   Source File: OpenIDRequestObjectWithRSAlgEmbeddedTest.java    License: MIT License 5 votes vote down vote up
/**
 * Step 1 of the RS384 request-object test: registers a client for the token
 * response type with a JWKS URI and RS384 as request-object signing
 * algorithm, and stores the issued client id in clientId2.
 *
 * NOTE(review): the registration request sets the custom attribute
 * "oxAuthTrustedClient" to "true" on itself. Presumably the test server is
 * configured to accept that attribute from dynamic registration; confirm
 * that a production configuration does not let clients set it themselves.
 */
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodRS384Step1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {
	final Builder registerCall = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String requestJson = null;
	try {
		final RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN));
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS384);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		requestJson = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException jsonError) {
		jsonError.printStackTrace();
		fail(jsonError.getMessage());
	}

	final Response response = registerCall.post(Entity.json(requestJson));
	final String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodRS384Step1", response, entity);

	// The asserter validates the registration response before the id is read from it.
	final ResponseAsserter asserter = ResponseAsserter.of(response.getStatus(), entity);
	asserter.assertRegisterResponse();
	clientId2 = asserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 12
Source Project: oxAuth   Source File: ResponseTypesRestrictionEmbeddedTest.java    License: MIT License 5 votes vote down vote up
/**
 * Authorization request with the other Response types combination should
 * fail.
 *
 * For each response-type list from the data provider, sends an authorization
 * request with Prompt.NONE for the client held in clientId3 and passes only
 * when the server answers HTTP 400 with a JSON body that has both "error"
 * and "error_description".
 */
@Test(dependsOnMethods = "responseTypesTokenIdTokenStep3", dataProvider = "responseTypesTokenIdTokenStep4DataProvider")
public void responseTypesTokenIdTokenStep4(final String authorizePath, final String userId, final String userSecret,
                                           final String redirectUri, final List<ResponseType> responseTypes) throws Exception {
    final String nonce = UUID.randomUUID().toString();
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email");

    final AuthorizationRequest authRequest = new AuthorizationRequest(responseTypes, clientId3, requestedScopes,
            redirectUri, nonce);
    // A fixed state value is enough here because the request is expected to be rejected.
    authRequest.setState("af0ifjsldkj");
    authRequest.getPrompts().add(Prompt.NONE);
    authRequest.setAuthUsername(userId);
    authRequest.setAuthPassword(userSecret);

    final String targetUrl = url.toString() + authorizePath + "?" + authRequest.getQueryString();
    final Builder call = ResteasyClientBuilder.newClient().target(targetUrl).request();
    // The resource owner credentials travel in a Basic Authorization header.
    call.header("Authorization", "Basic " + authRequest.getEncodedCredentials());
    call.header("Accept", MediaType.TEXT_PLAIN);

    final Response response = call.get();
    final String entity = response.readEntity(String.class);

    showResponse("responseTypesTokenIdTokenStep4", response, entity);

    if (response.getStatus() != 400) {
        fail("Unexpected response code: " + response.getStatus());
    } else {
        assertNotNull(entity, "Unexpected result: " + entity);
        try {
            final JSONObject errorBody = new JSONObject(entity);
            assertTrue(errorBody.has("error"), "The error type is null");
            assertTrue(errorBody.has("error_description"), "The error description is null");
        } catch (JSONException jsonError) {
            jsonError.printStackTrace();
            fail(jsonError.getMessage() + "\nResponse was: " + entity);
        }
    }
}
 
Example 13
Source Project: oxAuth   Source File: UserAuthenticationFilterEmbeddedTest.java    License: MIT License 5 votes vote down vote up
/**
 * Registers a client for the code, token and id_token response types with
 * the resource-owner-password-credentials grant, expects HTTP 200, and keeps
 * the issued client id and secret for the tests that follow.
 *
 * NOTE(review): the request marks itself with the custom attribute
 * "oxAuthTrustedClient" = "true" and asks for the password grant. Both are
 * accepted here through dynamic registration; confirm that this is limited
 * to the test configuration.
 */
@Parameters({"registerPath", "redirectUris"})
@Test
public void dynamicClientRegistration(final String registerPath, final String redirectUris) throws Exception {
    final Builder registerCall = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

    final RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(Arrays.asList(ResponseType.CODE, ResponseType.TOKEN, ResponseType.ID_TOKEN));
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    registerRequest.setGrantTypes(Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS));

    final String requestJson = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());

    final Response response = registerCall.post(Entity.json(requestJson));
    final String entity = response.readEntity(String.class);

    showResponse("dynamicClientRegistration", response, entity);

    assertEquals(response.getStatus(), 200, "Unexpected response code. " + entity);
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        final RegisterResponse registration = RegisterResponse.valueOf(entity);
        ClientTestUtil.assert_(registration);

        clientId = registration.getClientId();
        clientSecret = registration.getClientSecret();
    } catch (Exception parseError) {
        // Any parsing problem is reported together with the raw response body.
        parseError.printStackTrace();
        fail(parseError.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 14
Source Project: oxAuth   Source File: BenchmarkRequestAuthorization.java    License: MIT License 5 votes vote down vote up
/**
 * Runs one authorization request for the code and id_token response types
 * with a fresh nonce and asserts that the response has a location, an
 * authorization code, a state and a scope.
 *
 * @param useNewDriver passed through unchanged to requestAuthorization
 */
private void testAuthorizationImpl(final String userId, final String userSecret, final String clientId, final String redirectUri, boolean useNewDriver) {
    final String nonce = UUID.randomUUID().toString();
    final List<ResponseType> requestedTypes = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email", "user_name");

    final AuthorizationResponse authorization = requestAuthorization(
            userId, userSecret, redirectUri, requestedTypes, requestedScopes, clientId, nonce, useNewDriver);

    assertNotNull(authorization.getLocation(), "The location is null");
    assertNotNull(authorization.getCode(), "The authorization code is null");
    assertNotNull(authorization.getState(), "The state is null");
    assertNotNull(authorization.getScope(), "The scope is null");
}
 
Example 15
Source Project: oxAuth   Source File: AuthorizeRestWebServiceEmbeddedTest.java    License: MIT License 5 votes vote down vote up
/**
 * Sends an authorization request for the code response type with neither a
 * redirect URI nor a nonce and expects HTTP 400. The JSON error body must
 * carry "error" and "error_description" and must return the same state value
 * that was sent.
 */
@Parameters({"authorizePath", "userId", "userSecret"})
@Test(dependsOnMethods = "dynamicClientRegistration")
public void requestAuthorizationCodeWithoutRedirectUriFail(final String authorizePath, final String userId,
                                                           final String userSecret) throws Exception {
    final String state = UUID.randomUUID().toString();
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email");
    final List<ResponseType> requestedTypes = Arrays.asList(ResponseType.CODE);

    // The last two constructor arguments (redirect URI and nonce) are null.
    final AuthorizationRequest authRequest = new AuthorizationRequest(requestedTypes, clientId1, requestedScopes, null,
            null);
    authRequest.setState(state);
    authRequest.getPrompts().add(Prompt.NONE);
    authRequest.setAuthUsername(userId);
    authRequest.setAuthPassword(userSecret);

    final String targetUrl = url.toString() + authorizePath + "?" + authRequest.getQueryString();
    final Builder call = ResteasyClientBuilder.newClient().target(targetUrl).request();
    call.header("Authorization", "Basic " + authRequest.getEncodedCredentials());
    call.header("Accept", MediaType.TEXT_PLAIN);

    final Response response = call.get();
    final String entity = response.readEntity(String.class);

    showResponse("requestAuthorizationCodeWithoutRedirectUriFailStep", response, entity);

    assertEquals(response.getStatus(), 400, "Unexpected response code.");
    assertNotNull(entity, "Unexpected result: " + entity);
    try {
        final JSONObject errorBody = new JSONObject(entity);
        assertTrue(errorBody.has("error"), "The error type is null");
        assertTrue(errorBody.has("error_description"), "The error description is null");
        // The state is compared by value, not just checked for presence.
        assertEquals(errorBody.get(AuthorizeResponseParam.STATE), state);
    } catch (JSONException jsonError) {
        jsonError.printStackTrace();
        fail(jsonError.getMessage() + "\nResponse was: " + entity);
    }
}
 
Example 16
Source Project: oxAuth   Source File: ClientAuthenticationByAccessTokenHttpTest.java    License: MIT License 5 votes vote down vote up
/**
 * Registers a client with the code, token and id_token response types, the
 * resource-owner-password-credentials grant, client_secret_basic
 * authentication and one custom attribute, then stores the issued client id
 * and secret for later tests.
 *
 * NOTE(review): the custom attribute is "oxAuthTrustedClient" = "true", set
 * by the registering client itself. Confirm that accepting it from dynamic
 * registration is limited to the test configuration.
 */
@Test
public void requestClientRegistrationWithCustomAttributes() throws Exception {
    showTitle("requestClientRegistrationWithCustomAttributes");

    final List<GrantType> requestedGrants = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );
    final List<ResponseType> requestedTypes = Arrays.asList(
            ResponseType.CODE,
            ResponseType.TOKEN,
            ResponseType.ID_TOKEN);

    final RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", Collections.singletonList(REDIRECT_URI));
    registerRequest.setResponseTypes(requestedTypes);
    registerRequest.setGrantTypes(requestedGrants);
    registerRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

    final RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setExecutor(clientExecutor(true));
    registerClient.setRequest(registerRequest);
    final RegisterResponse registration = registerClient.exec();

    showClient(registerClient);
    assertEquals(registration.getStatus(), 200, "Unexpected response code: " + registration.getEntity());
    assertNotNull(registration.getClientId());
    assertNotNull(registration.getClientSecret());
    assertNotNull(registration.getRegistrationAccessToken());
    assertNotNull(registration.getClientSecretExpiresAt());

    clientId = registration.getClientId();
    clientSecret = registration.getClientSecret();
}
 
Example 17
Source Project: oxAuth   Source File: OpenIDRequestObjectWithRSAlgEmbeddedTest.java    License: MIT License 5 votes vote down vote up
/**
 * Step 1 of the RS256 request-object test: registers a client for the token
 * response type with a JWKS URI and RS256 as request-object signing
 * algorithm, and stores the issued client id in clientId1.
 *
 * NOTE(review): the registration request sets the custom attribute
 * "oxAuthTrustedClient" to "true" on itself. Presumably the test server is
 * configured to accept that attribute from dynamic registration; confirm
 * that a production configuration does not let clients set it themselves.
 */
@Parameters({ "registerPath", "redirectUris", "clientJwksUri" })
@Test
public void requestParameterMethodRS256Step1(final String registerPath, final String redirectUris,
		final String jwksUri) throws Exception {
	final Builder registerCall = ResteasyClientBuilder.newClient().target(url.toString() + registerPath).request();

	String requestJson = null;
	try {
		final RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
				StringUtils.spaceSeparatedToList(redirectUris));
		registerRequest.setJwksUri(jwksUri);
		registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN));
		registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
		registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");

		requestJson = ServerUtil.toPrettyJson(registerRequest.getJSONParameters());
	} catch (JSONException jsonError) {
		jsonError.printStackTrace();
		fail(jsonError.getMessage());
	}

	final Response response = registerCall.post(Entity.json(requestJson));
	final String entity = response.readEntity(String.class);

	showResponse("requestParameterMethodRS256Step1", response, entity);

	// The asserter validates the registration response before the id is read from it.
	final ResponseAsserter asserter = ResponseAsserter.of(response.getStatus(), entity);
	asserter.assertRegisterResponse();
	clientId1 = asserter.getJson().getJson().getString(RegisterResponseParam.CLIENT_ID.toString());
}
 
Example 18
Source Project: oxAuth   Source File: ResponseTypesRestrictionHttpTest.java    License: MIT License 5 votes vote down vote up
/**
 * Supplies the response-type combinations that the matching test feeds to
 * the server. Every row shares the same suite parameters and differs only in
 * its response-type list; each of the four lists contains the token response
 * type.
 *
 * @param context TestNG context the suite parameters are read from
 * @return rows of {redirectUris, redirectUri, userId, userSecret,
 *         responseTypes, sectorIdentifierUri}
 */
@DataProvider(name = "responseTypesCodeIdTokenFailDataProvider")
public Object[][] responseTypesCodeIdTokenFailDataProvider(ITestContext context) {
    final String sectorIdentifierUri = context.getCurrentXmlTest().getParameter("sectorIdentifierUri");
    final String userSecret = context.getCurrentXmlTest().getParameter("userSecret");
    final String userId = context.getCurrentXmlTest().getParameter("userId");
    final String redirectUri = context.getCurrentXmlTest().getParameter("redirectUri");
    final String redirectUris = context.getCurrentXmlTest().getParameter("redirectUris");

    final List<ResponseType> tokenOnly = Arrays.asList(ResponseType.TOKEN);
    final List<ResponseType> tokenAndIdToken = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
    final List<ResponseType> codeAndToken = Arrays.asList(ResponseType.CODE, ResponseType.TOKEN);
    final List<ResponseType> codeTokenAndIdToken = Arrays.asList(ResponseType.CODE, ResponseType.TOKEN, ResponseType.ID_TOKEN);

    return new Object[][]{
            {redirectUris, redirectUri, userId, userSecret, tokenOnly, sectorIdentifierUri},
            {redirectUris, redirectUri, userId, userSecret, tokenAndIdToken, sectorIdentifierUri},
            {redirectUris, redirectUri, userId, userSecret, codeAndToken, sectorIdentifierUri},
            {redirectUris, redirectUri, userId, userSecret, codeTokenAndIdToken, sectorIdentifierUri},
    };
}
 
Example 19
Source Project: oxAuth   Source File: AuthorizeParamsValidator.java    License: MIT License 5 votes vote down vote up
/**
 * Checks that every requested response type is one the client has.
 *
 * The check fails closed: a null or empty request, a null client, or a
 * client whose response types are null all yield {@code false}, so a request
 * is never accepted for lack of data to compare against.
 *
 * @param responseTypes response types named in the authorization request
 * @param client        client whose response types are the allowed set
 * @return {@code true} only when all requested types are contained in the
 *         client's response types
 */
public static boolean validateResponseTypes(List<ResponseType> responseTypes, Client client) {
    if (responseTypes == null || responseTypes.isEmpty()) {
        return false;
    }
    if (client == null || client.getResponseTypes() == null) {
        return false;
    }

    // Subset test: each requested type must appear among the client's types.
    return Arrays.asList(client.getResponseTypes()).containsAll(responseTypes);
}
 
Example 20
Source Project: oxTrust   Source File: OxAuthClient.java    License: MIT License 4 votes vote down vote up
/**
 * Returns the response types stored on this client.
 *
 * NOTE(review): the internal array itself is returned, not a copy, so a
 * caller that writes to it changes this object's state.
 *
 * @return the stored array, as is
 */
public ResponseType[] getResponseTypes() {
	return this.responseTypes;
}
 
Example 21
/**
 * End-to-end check of the user-info endpoint when the access token is sent
 * as a form-encoded body parameter: registers a client for the token and
 * id_token response types, obtains an access token through the authorization
 * endpoint, then requests user info and expects HTTP 200 with the listed
 * claims present.
 *
 * NOTE(review): the returned state is only checked for presence, not
 * compared with the value that was sent.
 */
@Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri"})
@Test
public void userInfoEndpointAccessWithFormEncodedBodyMethod(
        final String userId, final String userSecret, final String redirectUris, final String redirectUri,
        final String sectorIdentifierUri) throws Exception {
    showTitle("OC5:FeatureTest-UserInfo Endpoint Access with Form-Encoded Body Method");

    final List<ResponseType> requestedTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);

    // 1. Register client
    final RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(requestedTypes);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);

    final RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    final RegisterResponse registration = registerClient.exec();

    showClient(registerClient);
    assertEquals(registration.getStatus(), 200, "Unexpected response code: " + registration.getEntity());
    assertNotNull(registration.getClientId());
    assertNotNull(registration.getClientSecret());
    assertNotNull(registration.getRegistrationAccessToken());
    assertNotNull(registration.getClientIdIssuedAt());
    assertNotNull(registration.getClientSecretExpiresAt());

    final String clientId = registration.getClientId();

    // 2. Request authorization
    final List<String> requestedScopes = Arrays.asList("openid", "profile", "address", "email");
    final String nonce = UUID.randomUUID().toString();

    final AuthorizationRequest authRequest = new AuthorizationRequest(requestedTypes, clientId, requestedScopes, redirectUri, nonce);
    authRequest.setState(UUID.randomUUID().toString());

    final AuthorizationResponse authorization = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authRequest, userId, userSecret);

    assertNotNull(authorization.getLocation());
    assertNotNull(authorization.getAccessToken());
    assertNotNull(authorization.getIdToken());
    assertNotNull(authorization.getState());

    // 3. Request user info, sending the token in the request body
    final UserInfoRequest userInfoRequest = new UserInfoRequest(authorization.getAccessToken());
    userInfoRequest.setAuthorizationMethod(AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER);

    final UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    userInfoClient.setRequest(userInfoRequest);

    final UserInfoResponse userInfo = userInfoClient.exec();

    showClient(userInfoClient);
    assertEquals(userInfo.getStatus(), 200, "Unexpected response code: " + userInfo.getStatus());
    assertNotNull(userInfo.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
    assertNotNull(userInfo.getClaim(JwtClaimName.NAME));
    assertNotNull(userInfo.getClaim(JwtClaimName.GIVEN_NAME));
    assertNotNull(userInfo.getClaim(JwtClaimName.FAMILY_NAME));
    assertNotNull(userInfo.getClaim(JwtClaimName.EMAIL));
    assertNotNull(userInfo.getClaim(JwtClaimName.ZONEINFO));
    assertNotNull(userInfo.getClaim(JwtClaimName.LOCALE));
}
 
Example 22
Source Project: oxAuth   Source File: EncodeClaimsInStateParameter.java    License: MIT License 4 votes vote down vote up
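/**
 * Registers a client for the implicit flow, sends an authorization request whose {@code state}
 * is a JWE (RSA1_5 key encryption, A128CBC_PLUS_HS256 content encryption), and checks that the
 * state returned on the redirect decrypts to the claims that were put into it.
 *
 * <p>The {@code rfp} and {@code jti} values are compared with the ones generated here, not just
 * checked for presence: a state that comes back with a different {@code rfp} no longer binds the
 * response to this request.
 *
 * <p>NOTE(review): RSA1_5 is RSAES-PKCS1-v1_5 key transport, which has a history of
 * padding-oracle problems, and A128CBC_PLUS_HS256 looks like the draft-era name of the
 * CBC/HMAC content encryption. The test pins both on purpose to exercise server support; treat
 * it as a compatibility check rather than a recommended configuration.
 *
 * @throws Exception if any client call or JWE operation fails
 */
@Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri",
        "keyStoreFile", "keyStoreSecret", "dnName", "RS256_keyId", "clientJwksUri"})
@Test
public void encodeClaimsInStateParameterAlgRSA15EncA128CBCPLUSHS256(
        final String userId, final String userSecret, final String redirectUris, final String redirectUri,
        final String sectorIdentifierUri, final String keyStoreFile, final String keyStoreSecret,
        final String dnName, final String keyId, final String clientJwksUri) throws Exception {
    showTitle("encodeClaimsInStateParameterAlgRSA15EncA128CBCPLUSHS256");

    List<ResponseType> responseTypes = Arrays.asList(
            ResponseType.TOKEN,
            ResponseType.ID_TOKEN);

    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);

    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();

    showClient(registerClient);
    assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
    assertNotNull(registerResponse.getClientId());
    assertNotNull(registerResponse.getClientSecret());
    assertNotNull(registerResponse.getRegistrationAccessToken());
    assertNotNull(registerResponse.getClientIdIssuedAt());
    assertNotNull(registerResponse.getClientSecretExpiresAt());

    String clientId = registerResponse.getClientId();

    // 2. Request authorization
    // The state is encrypted to the key published at clientJwksUri and decrypted below with the
    // private key of the same keyId taken from the local key store.
    JSONObject jwks = JwtUtil.getJSONWebKeys(clientJwksUri);
    OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);

    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    String rfp = UUID.randomUUID().toString();
    String jti = UUID.randomUUID().toString();

    JwtState jwtState = new JwtState(KeyEncryptionAlgorithm.RSA1_5, BlockEncryptionAlgorithm.A128CBC_PLUS_HS256, cryptoProvider);
    jwtState.setKeyId(keyId);
    jwtState.setRfp(rfp);
    jwtState.setJti(jti);
    jwtState.setAdditionalClaims(new JSONObject(additionalClaims));
    String encodedState = jwtState.getEncodedJwt(jwks);

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(encodedState);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
    assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
    assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");

    String state = authorizationResponse.getState();

    // 3. Decrypt state
    PrivateKey privateKey = cryptoProvider.getPrivateKey(keyId);
    // NOTE(review): the meaning of the third argument (null) is not visible here; confirm.
    Jwe jwe = Jwe.parse(state, privateKey, null);
    assertNotNull(jwe.getClaims().getClaimAsString(KID));
    assertNotNull(jwe.getClaims().getClaimAsString(RFP));
    assertNotNull(jwe.getClaims().getClaimAsString(JTI));
    assertNotNull(jwe.getClaims().getClaimAsJSON(ADDITIONAL_CLAIMS));

    // The anti-forgery values must be the ones generated for this request.
    assertEquals(jwe.getClaims().getClaimAsString(RFP), rfp, "The rfp claim does not match the value sent");
    assertEquals(jwe.getClaims().getClaimAsString(JTI), jti, "The jti claim does not match the value sent");

    JSONObject addClaims = jwe.getClaims().getClaimAsJSON(ADDITIONAL_CLAIMS);
    assertEquals(addClaims.getString("first_name"), "Javier");
    assertEquals(addClaims.getString("last_name"), "Rojas");
    assertEquals(addClaims.getInt("age"), 34);
    assertNotNull(addClaims.getJSONArray("more"));
    assertEquals(addClaims.getJSONArray("more").length(), 2);
}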
 
Example 23
Source Project: oxTrust   Source File: OxAuthClient.java    License: MIT License
/**
 * Replaces the response types configured for this client.
 *
 * <p>The array is stored as passed, without copying, so later changes the caller makes to it
 * are visible through this object.
 *
 * @param responseTypes the response types to store
 */
public void setResponseTypes(ResponseType[] responseTypes) {
    this.responseTypes = responseTypes;
}
 
Example 24
Source Project: oxAuth   Source File: UsesAsymmetricIdTokenSignatures.java    License: MIT License
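/**
 * Registers a client that asks for ES512-signed ID tokens, runs an {@code id_token}-only
 * authorization request, and validates the returned ID token against the server's JWKS.
 *
 * <p>Besides the signature, the test checks the values that tie the response to this request:
 * the returned {@code state}, the {@code nonce} claim inside the ID token, and the {@code alg}
 * header, which must be the algorithm that was registered.
 *
 * @throws Exception if any client call or the signature validation fails unexpectedly
 */
@Parameters({"redirectUris", "userId", "userSecret", "redirectUri", "sectorIdentifierUri"})
@Test
public void usesAsymmetricIdTokenSignaturesES512(
        final String redirectUris, final String userId, final String userSecret, final String redirectUri,
        final String sectorIdentifierUri) throws Exception {
    showTitle("OC5:FeatureTest-Uses Asymmetric ID Token Signatures ES512");

    List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);

    // 1. Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.ES512);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);

    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();

    showClient(registerClient);
    assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
    assertNotNull(registerResponse.getClientId());
    assertNotNull(registerResponse.getClientSecret());
    assertNotNull(registerResponse.getRegistrationAccessToken());
    assertNotNull(registerResponse.getClientSecretExpiresAt());

    String clientId = registerResponse.getClientId();

    // 2. Request Authorization
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation());
    assertNotNull(authorizationResponse.getIdToken());
    assertNotNull(authorizationResponse.getState());
    // The state must come back unchanged; a non-null but different value would go unnoticed otherwise.
    assertEquals(authorizationResponse.getState(), state, "The state does not match the value sent");

    String idToken = authorizationResponse.getIdToken();

    // 3. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    // The token must carry the algorithm registered above and the nonce of this request.
    assertEquals(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM), "ES512",
            "The id_token is not signed with the registered algorithm");
    assertEquals(jwt.getClaims().getClaimAsString(JwtClaimName.NONCE), nonce,
            "The nonce claim does not match the value sent");

    // The key is looked up by the kid from the token header; the algorithm is fixed here
    // (ES512) rather than read from the token.
    ECDSAPublicKey publicKey = JwkClient.getECDSAPublicKey(
            jwksUri,
            jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    ECDSASigner ecdsaSigner = new ECDSASigner(SignatureAlgorithm.ES512, publicKey);
    assertTrue(ecdsaSigner.validate(jwt));
}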
 
Example 25
Source Project: oxAuth   Source File: OpenIDRequestObjectHttpTest.java    License: MIT License
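/**
 * Registers a client with a JWKS URI and RS512 as request-object signing algorithm, sends an
 * authorization request carrying an RS512-signed request object, and then calls the user-info
 * endpoint with the access token from the redirect.
 *
 * <p>The {@code jwksUri} parameter is bound to the {@code clientJwksUri} test parameter, i.e.
 * it is the client's key set.
 *
 * <p>NOTE(review): the client is registered with the custom attribute
 * {@code oxAuthTrustedClient=true} and the request uses {@code Prompt.NONE} together with the
 * user's credentials set on the request itself; presumably this is what lets the flow finish
 * without an interactive login or consent step. That is a test-fixture setup; confirm it is not
 * copied into a production client registration.
 *
 * @throws Exception if any client call or the request-object signing fails
 */
@Parameters({"userId", "userSecret", "redirectUri", "redirectUris", "clientJwksUri",
        "RS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri"})
@Test
public void requestParameterMethodRS512X509Cert(
        final String userId, final String userSecret, final String redirectUri, final String redirectUris,
        final String jwksUri, final String keyId, final String dnName, final String keyStoreFile,
        final String keyStoreSecret, final String sectorIdentifierUri) throws Exception {
    showTitle("requestParameterMethodRS512X509Cert");

    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);

    // 1. Dynamic Client Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setJwksUri(jwksUri);
    registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS512);
    registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);

    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();

    showClient(registerClient);
    assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
    assertNotNull(registerResponse.getClientId());
    assertNotNull(registerResponse.getClientSecret());
    assertNotNull(registerResponse.getRegistrationAccessToken());
    assertNotNull(registerResponse.getClientSecretExpiresAt());

    String clientId = registerResponse.getClientId();

    // 2. Request authorization
    OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);

    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    String state = UUID.randomUUID().toString();

    AuthorizationRequest request = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    request.setState(state);
    request.setAuthUsername(userId);
    request.setAuthPassword(userSecret);
    request.getPrompts().add(Prompt.NONE);

    // The request object is signed with RS512 using the key identified by keyId.
    JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(request, SignatureAlgorithm.RS512, cryptoProvider);
    jwtAuthorizationRequest.setKeyId(keyId);
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NAME, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.NICKNAME, ClaimValue.createEssential(false)));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.EMAIL_VERIFIED, ClaimValue.createNull()));
    jwtAuthorizationRequest.addUserInfoClaim(new Claim(JwtClaimName.PICTURE, ClaimValue.createEssential(false)));
    jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_TIME, ClaimValue.createNull()));
    jwtAuthorizationRequest.addIdTokenClaim(new Claim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE, ClaimValue.createValueList(new String[]{ACR_VALUE})));
    jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400);
    String authJwt = jwtAuthorizationRequest.getEncodedJwt();
    request.setRequest(authJwt);

    AuthorizeClient authorizeClient = new AuthorizeClient(authorizationEndpoint);
    authorizeClient.setRequest(request);
    AuthorizationResponse authorizationResponse = authorizeClient.exec();

    // NOTE(review): what showClient prints is not visible here; if it dumps the request,
    // the user's password set above may end up in the test output. Confirm.
    showClient(authorizeClient);
    assertEquals(authorizationResponse.getStatus(), 302, "Unexpected response code: " + authorizationResponse.getStatus());
    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
    assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
    assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    // The state must come back unchanged, not merely be present.
    assertEquals(authorizationResponse.getState(), state, "The state does not match the value sent");

    String accessToken = authorizationResponse.getAccessToken();

    // 3. Request user info
    UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);

    showClient(userInfoClient);
    assertEquals(userInfoResponse.getStatus(), 200, "Unexpected response code: " + userInfoResponse.getStatus());
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.SUBJECT_IDENTIFIER));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.NAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.GIVEN_NAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.FAMILY_NAME));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.EMAIL));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.ZONEINFO));
    assertNotNull(userInfoResponse.getClaim(JwtClaimName.LOCALE));
}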
 
Example 26
Source Project: oxAuth   Source File: UsesAsymmetricIdTokenSignatures.java    License: MIT License
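/**
 * Registers a client that asks for RS256-signed ID tokens, runs an {@code id_token}-only
 * authorization request, and validates the returned ID token against the server's JWKS.
 *
 * <p>Besides the signature, the test checks the values that tie the response to this request:
 * the returned {@code state}, the {@code nonce} claim inside the ID token, and the {@code alg}
 * header, which must be the algorithm that was registered.
 *
 * @throws Exception if any client call or the signature validation fails unexpectedly
 */
@Parameters({"redirectUris", "userId", "userSecret", "redirectUri", "sectorIdentifierUri"})
@Test
public void usesAsymmetricIdTokenSignaturesRS256(
        final String redirectUris, final String userId, final String userSecret, final String redirectUri,
        final String sectorIdentifierUri) throws Exception {
    showTitle("OC5:FeatureTest-Uses Asymmetric ID Token Signatures RS256");

    List<ResponseType> responseTypes = Arrays.asList(ResponseType.ID_TOKEN);

    // 1. Registration
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setIdTokenSignedResponseAlg(SignatureAlgorithm.RS256);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);

    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();

    showClient(registerClient);
    assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
    assertNotNull(registerResponse.getClientId());
    assertNotNull(registerResponse.getClientSecret());
    assertNotNull(registerResponse.getRegistrationAccessToken());
    assertNotNull(registerResponse.getClientSecretExpiresAt());

    String clientId = registerResponse.getClientId();

    // 2. Request Authorization
    List<String> scopes = Arrays.asList("openid", "profile", "address", "email");
    String nonce = UUID.randomUUID().toString();
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation());
    assertNotNull(authorizationResponse.getIdToken());
    assertNotNull(authorizationResponse.getState());
    // The state must come back unchanged; a non-null but different value would go unnoticed otherwise.
    assertEquals(authorizationResponse.getState(), state, "The state does not match the value sent");

    String idToken = authorizationResponse.getIdToken();

    // 3. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    // The token must carry the algorithm registered above and the nonce of this request.
    assertEquals(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM), "RS256",
            "The id_token is not signed with the registered algorithm");
    assertEquals(jwt.getClaims().getClaimAsString(JwtClaimName.NONCE), nonce,
            "The nonce claim does not match the value sent");

    // The key is looked up by the kid from the token header; the algorithm is fixed here
    // (RS256) rather than read from the token.
    RSAPublicKey publicKey = JwkClient.getRSAPublicKey(
            jwksUri,
            jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);
    assertTrue(rsaSigner.validate(jwt));
}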
 
Example 27
Source Project: oxAuth   Source File: TokenRestWebServiceHttpTest.java    License: MIT License
/**
 * Registers a client limited to the resource owner password credentials grant (no response
 * types) and checks that the token endpoint issues an access token for the user's
 * username and password.
 *
 * <p>NOTE(review): this grant hands the user's password to the client; the test covers server
 * support for it and says nothing about whether a deployment should enable it.
 *
 * @throws Exception if registration or the token request fails
 */
@Parameters({"userId", "userSecret", "redirectUris", "sectorIdentifierUri"})
@Test
public void requestAccessTokenPassword(
        final String userId, final String userSecret, final String redirectUris, final String sectorIdentifierUri) throws Exception {
    showTitle("requestAccessTokenPassword");

    // No response types: the client only talks to the token endpoint.
    List<ResponseType> noResponseTypes = new ArrayList<ResponseType>();
    List<GrantType> passwordGrantOnly = Arrays.asList(
            GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS
    );

    // 1. Register client
    RegisterRequest registration = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registration.setResponseTypes(noResponseTypes);
    registration.setGrantTypes(passwordGrantOnly);
    registration.setSectorIdentifierUri(sectorIdentifierUri);

    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registration);
    RegisterResponse registered = registerClient.exec();

    showClient(registerClient);
    assertEquals(registered.getStatus(), 200, "Unexpected response code: " + registered.getEntity());
    assertNotNull(registered.getClientId());
    assertNotNull(registered.getClientSecret());
    assertNotNull(registered.getRegistrationAccessToken());
    assertNotNull(registered.getClientIdIssuedAt());
    assertNotNull(registered.getClientSecretExpiresAt());

    String clientId = registered.getClientId();
    String clientSecret = registered.getClientSecret();

    // 2. Request Resource Owner Credentials Grant
    // userId / userSecret are passed straight through as username / password; the third
    // argument is null.
    TokenClient tokenClient = new TokenClient(tokenEndpoint);
    TokenResponse tokenResponse = tokenClient.execResourceOwnerPasswordCredentialsGrant(userId, userSecret, null,
            clientId, clientSecret);

    showClient(tokenClient);
    assertEquals(tokenResponse.getStatus(), 200, "Unexpected response code: " + tokenResponse.getStatus());
    assertNotNull(tokenResponse.getEntity(), "The entity is null");
    assertNotNull(tokenResponse.getAccessToken(), "The access token is null");
    assertNotNull(tokenResponse.getTokenType(), "The token type is null");
}
 
Example 28
Source Project: oxTrust   Source File: UpdateClientAction.java    License: MIT License
/**
 * Returns the selectable response types held by this action.
 *
 * <p>The field itself is returned, not a copy, so callers share the list with this object.
 *
 * @return the {@code availableResponseTypes} field
 */
public List<SelectableEntity<ResponseType>> getAvailableResponseTypes() {
    return availableResponseTypes;
}
 
Example 29
Source Project: oxTrust   Source File: UpdateClientAction.java    License: MIT License
/**
 * Returns the response types held by this action.
 *
 * <p>The field itself is returned, not a copy, so callers share the list with this object.
 *
 * @return the {@code responseTypes} field
 */
public List<ResponseType> getResponseTypes() {
    return this.responseTypes;
}
 
Example 30
Source Project: oxAuth   Source File: SupportRequestsContainingNonce.java    License: MIT License
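/**
 * Registers a client for the implicit flow, sends an authorization request with a fresh
 * {@code nonce} and {@code state}, and checks that the ID token carries that nonce and
 * validates against the server's JWKS.
 *
 * <p>The returned {@code state} is compared with the value sent, and the nonce comparison uses
 * the (actual, expected) argument order so a failure message reports the values the right way
 * round.
 *
 * @throws Exception if any client call or the signature validation fails unexpectedly
 */
@Parameters({"userId", "userSecret", "redirectUri", "redirectUris", "sectorIdentifierUri"})
@Test
public void supportRequestsContainingNonce(
        final String userId, final String userSecret, final String redirectUri, final String redirectUris,
        final String sectorIdentifierUri) throws Exception {
    showTitle("OC5:FeatureTest-Support Requests Containing nonce");

    List<ResponseType> responseTypes = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);

    // 1. Register client
    RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app",
            StringUtils.spaceSeparatedToList(redirectUris));
    registerRequest.setResponseTypes(responseTypes);
    registerRequest.setSectorIdentifierUri(sectorIdentifierUri);

    RegisterClient registerClient = new RegisterClient(registrationEndpoint);
    registerClient.setRequest(registerRequest);
    RegisterResponse registerResponse = registerClient.exec();

    showClient(registerClient);
    assertEquals(registerResponse.getStatus(), 200, "Unexpected response code: " + registerResponse.getEntity());
    assertNotNull(registerResponse.getClientId());
    assertNotNull(registerResponse.getClientSecret());
    assertNotNull(registerResponse.getRegistrationAccessToken());
    assertNotNull(registerResponse.getClientIdIssuedAt());
    assertNotNull(registerResponse.getClientSecretExpiresAt());

    String clientId = registerResponse.getClientId();

    // 2. Request authorization
    List<String> scopes = Arrays.asList("openid");
    String nonce = UUID.randomUUID().toString();
    String state = UUID.randomUUID().toString();

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce);
    authorizationRequest.setState(state);

    AuthorizationResponse authorizationResponse = authenticateResourceOwnerAndGrantAccess(
            authorizationEndpoint, authorizationRequest, userId, userSecret);

    assertNotNull(authorizationResponse.getLocation(), "The location is null");
    assertNotNull(authorizationResponse.getAccessToken(), "The accessToken is null");
    assertNotNull(authorizationResponse.getTokenType(), "The tokenType is null");
    assertNotNull(authorizationResponse.getIdToken(), "The idToken is null");
    assertNotNull(authorizationResponse.getState(), "The state is null");
    // The state must come back unchanged, not merely be present.
    assertEquals(authorizationResponse.getState(), state, "The state does not match the value sent");

    String idToken = authorizationResponse.getIdToken();

    // 3. Validate id_token
    Jwt jwt = Jwt.parse(idToken);
    assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.TYPE));
    assertNotNull(jwt.getHeader().getClaimAsString(JwtHeaderName.ALGORITHM));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUER));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUDIENCE));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.EXPIRATION_TIME));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ISSUED_AT));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.SUBJECT_IDENTIFIER));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.ACCESS_TOKEN_HASH));
    assertNotNull(jwt.getClaims().getClaimAsString(JwtClaimName.AUTHENTICATION_TIME));
    // The nonce in the ID token is what binds it to this request.
    assertEquals(jwt.getClaims().getClaimAsString(JwtClaimName.NONCE), nonce,
            "The nonce claim does not match the value sent");

    // NOTE(review): no signing algorithm is registered above, so RS256 is presumably the
    // server default; the signer fixes it here rather than reading it from the token.
    RSAPublicKey publicKey = JwkClient.getRSAPublicKey(
            jwksUri,
            jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID));
    RSASigner rsaSigner = new RSASigner(SignatureAlgorithm.RS256, publicKey);

    assertTrue(rsaSigner.validate(jwt));
}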