Adding some OIDC Keys tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/210f068d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/210f068d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/210f068d Branch: refs/heads/master-jaxrs-2.1 Commit: 210f068d5331c3eb7ec83022088b54a5ac53ec55 Parents: c65c7b5 Author: Colm O hEigeartaigh <[email protected]> Authored: Thu Apr 28 12:31:11 2016 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Thu Apr 28 12:31:11 2016 +0100 ---------------------------------------------------------------------- .../security/oauth2/common/OAuth2TestUtils.java | 5 +- .../jaxrs/security/oidc/OIDCFlowTest.java | 62 ++++++++++++++++++++ .../systest/jaxrs/security/oidc/oidc-server.xml | 1 + 3 files changed, 66 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/210f068d/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java ----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index 073c0df..eb325df 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -30,6 +30,7 @@ import javax.ws.rs.core.Response; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.jaxrs.provider.json.JSONProvider; +import org.apache.cxf.rs.security.jose.jaxrs.JsonWebKeysProvider; import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; import org.apache.cxf.rs.security.jose.jws.JwsHeaders; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer; @@ -162,8 +163,8 @@ public final class OAuth2TestUtils { jsonP.setNamespaceMap(Collections.singletonMap("http://org.apache.cxf.rs.security.oauth", "ns2")); providers.add(jsonP); - OAuthJSONProvider oauthProvider = new OAuthJSONProvider(); - providers.add(oauthProvider); + providers.add(new OAuthJSONProvider()); + providers.add(new JsonWebKeysProvider()); return providers; } http://git-wip-us.apache.org/repos/asf/cxf/blob/210f068d/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java index 9ccd19d..168a5a1 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java @@ -34,6 +34,7 @@ import javax.ws.rs.core.Response; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; +import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys; import org.apache.cxf.rs.security.jose.jws.JwsHeaders; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer; 
@@ -562,6 +563,67 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase { assertNotNull(code); } + @org.junit.Test + public void testGetKeys() throws Exception { + URL busFile = OIDCFlowTest.class.getResource("client.xml"); + + String address = "https://localhost:" + PORT + "/services/"; + WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), + "alice", "security", busFile.toString()); + client.accept("application/json"); + + client.path("keys/"); + Response response = client.get(); + JsonWebKeys jsonWebKeys = response.readEntity(JsonWebKeys.class); + + assertEquals(1, jsonWebKeys.getKeys().size()); + } + + @org.junit.Test + public void testAuthorizationCodeFlowWithKey() throws Exception { + URL busFile = OIDCFlowTest.class.getResource("client.xml"); + + String address = "https://localhost:" + PORT + "/services/"; + WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), + "alice", "security", busFile.toString()); + // Save the Cookie for the second request... + WebClient.getConfig(client).getRequestContext().put( + org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE); + + // Get Authorization Code + String code = OAuth2TestUtils.getAuthorizationCode(client, "openid"); + assertNotNull(code); + + // Now get the access token + client = WebClient.create(address, OAuth2TestUtils.setupProviders(), + "consumer-id", "this-is-a-secret", busFile.toString()); + // Save the Cookie for the second request... 
+ WebClient.getConfig(client).getRequestContext().put( + org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE); + + ClientAccessToken accessToken = + OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code); + assertNotNull(accessToken.getTokenKey()); + assertTrue(accessToken.getApprovedScope().contains("openid")); + + String idToken = accessToken.getParameters().get("id_token"); + assertNotNull(idToken); + + JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken); + + // Now get the key to validate the token + client = WebClient.create(address, OAuth2TestUtils.setupProviders(), + "alice", "security", busFile.toString()); + client.accept("application/json"); + + client.path("keys/"); + Response response = client.get(); + JsonWebKeys jsonWebKeys = response.readEntity(JsonWebKeys.class); + + Assert.assertTrue(jwtConsumer.verifySignatureWith(jsonWebKeys.getKeys().get(0), + SignatureAlgorithm.RS256)); + } + private void validateIdToken(String idToken, String nonce) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken); http://git-wip-us.apache.org/repos/asf/cxf/blob/210f068d/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-server.xml ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-server.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-server.xml index 988910e..93873df 100644 --- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-server.xml +++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oidc/oidc-server.xml 
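Review bot: `testAuthorizationCodeFlowWithKey` picks the verification key by position, `jsonWebKeys.getKeys().get(0)`, so it only holds while the `keys/` endpoint publishes exactly one key and says nothing about whether the token's `kid` header matches that key. If the server sets a key id on the ID token (not visible in this hunk), select by it instead, `jsonWebKeys.getKey(jwtConsumer.getJwsHeaders().getKeyId())`, and assert the result is not null before verifying. Both new tests also call `readEntity` without first checking the status, so a failed request surfaces as an unmarshalling error; `assertEquals(200, response.getStatus());` ahead of it would make that explicit. The endpoint appears to be backed by the server keystore configured in oidc-server.xml, so `testGetKeys` is the natural place to assert that the published JWK carries no private RSA members, e.g. `assertNull(jsonWebKeys.getKeys().get(0).getProperty("d"));`. Pinning `SignatureAlgorithm.RS256` in the verify call rather than reading the algorithm from the token is worth keeping as is.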
@@ -122,6 +122,7 @@ under the License.
 </jaxrs:serviceBeans>
 <jaxrs:providers>
 <ref bean="basicAuthFilter"/>
+ <bean class="org.apache.cxf.rs.security.jose.jaxrs.JsonWebKeysProvider"/>
 </jaxrs:providers>
 <jaxrs:properties>
 <entry key="rs.security.keystore.type" value="jks" />
