Repository: cxf-fediz Updated Branches: refs/heads/master 84e7f6edc -> 84adf90ab
Adding token hint test Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/84adf90a Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/84adf90a Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/84adf90a Branch: refs/heads/master Commit: 84adf90ab8c7d3e3cb000c01efd22e178dd8b8af Parents: 84e7f6e Author: Colm O hEigeartaigh <[email protected]> Authored: Tue Jun 6 17:26:10 2017 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Jun 6 17:26:10 2017 +0100 ---------------------------------------------------------------------- .../cxf/fediz/systests/oidc/OIDCTest.java | 60 ++++++++++++++++++++ 1 file changed, 60 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/84adf90a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java ----------------------------------------------------------------------
diff --git a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
index 216e1ec..d7dceb0 100644
--- a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
+++ b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
@@ -794,6 +794,66 @@ public class OIDCTest {
 webClient.close();
 }
+ @org.junit.Test
+ public void testLogoutViaTokenHint() throws Exception {
+ // 1. Log in
+ String url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/idp/authorize?";
+ url += "client_id=" + storedClientId;
+ url += "&response_type=code";
+ url += "&scope=openid";
+ String user = "alice";
+ String password = "ecila";
+
+ // Login to the OIDC token endpoint + get the authorization code
+ WebClient webClient = setupWebClient(user, password, getIdpHttpsPort());
+ String authorizationCode = loginAndGetAuthorizationCode(url, webClient);
+ Assert.assertNotNull(authorizationCode);
+ webClient.getCredentialsProvider().clear();
+
+ // Now use the code to get an IdToken
+ WebClient webClient2 = setupWebClient(user, password, getIdpHttpsPort());
+ String tokenUrl = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/oauth2/token";
+ WebRequest request = new WebRequest(new URL(tokenUrl), HttpMethod.POST);
+
+ request.setRequestParameters(new ArrayList<NameValuePair>());
+ request.getRequestParameters().add(new NameValuePair("client_id", storedClientId));
+ request.getRequestParameters().add(new NameValuePair("grant_type", "authorization_code"));
+ request.getRequestParameters().add(new NameValuePair("code", authorizationCode));
+
+ webClient2.getOptions().setJavaScriptEnabled(false);
+ final UnexpectedPage responsePage = webClient2.getPage(request);
+ String response = responsePage.getWebResponse().getContentAsString();
+
+ // Check the IdToken
+ String idToken = getIdToken(response);
+ Assert.assertNotNull(idToken);
+ validateIdToken(idToken, storedClientId);
+
+ webClient2.close();
+
+ // 2. Log out using the token hint
+ String logoutUrl = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/idp/logout?";
+ logoutUrl += "id_token_hint=" + idToken;
+
+ webClient.getOptions().setJavaScriptEnabled(false);
+ try {
+ webClient.getPage(logoutUrl);
+ } catch (Exception ex) {
+ Assert.assertTrue(ex.getMessage().contains("Connect to localhost:12345"));
+ }
+
+ // 3. Get another authorization code without username/password. This should fail as we have
+ // logged out
+ try {
+ loginAndGetAuthorizationCode(url, webClient);
+ Assert.fail("Failure expected after logout");
+ } catch (Exception ex) {
+ Assert.assertTrue(ex.getMessage().contains("401"));
+ }
+
+ webClient.close();
+ }
+
 // Test that the form has the correct CSRF token in it when creating a client
 @org.junit.Test
 public void testCSRFClientRegistration() throws Exception {
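Review bot: Step 2 of testLogoutViaTokenHint asserts nothing when `webClient.getPage(logoutUrl)` returns normally, so the redirect to the client's logout URI is only verified if the connection attempt happens to throw. If that redirect is always expected, add `Assert.fail("Redirect to the client logout URI expected");` right after the `getPage` call, as step 3 already does. Both catch blocks match on `ex.getMessage()` text, which can be null and depends on the HTTP client's wording. In step 3, catching HtmlUnit's `FailingHttpStatusCodeException` and checking `getStatusCode() == 401` would pin the intended failure more tightly, assuming that is the exception `loginAndGetAuthorizationCode` surfaces. `webClient` and `webClient2` are closed only on the success path, so a failed assertion leaks them; a `try`/`finally` around the body would cover that. The hunk also exercises only a valid hint, so a companion test that an `id_token_hint` failing validation leaves the session intact would be worth adding if the file does not already have one.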
