Posted to commits@cxf.apache.org by co...@apache.org on 2017/06/06 16:26:18 UTC
cxf-fediz git commit: Adding token hint test
Repository: cxf-fediz
Updated Branches:
refs/heads/master 84e7f6edc -> 84adf90ab
Adding token hint test
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/84adf90a
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/84adf90a
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/84adf90a
Branch: refs/heads/master
Commit: 84adf90ab8c7d3e3cb000c01efd22e178dd8b8af
Parents: 84e7f6e
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jun 6 17:26:10 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jun 6 17:26:10 2017 +0100
----------------------------------------------------------------------
.../cxf/fediz/systests/oidc/OIDCTest.java | 60 ++++++++++++++++++++
1 file changed, 60 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/84adf90a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
----------------------------------------------------------------------
diff --git a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
index 216e1ec..d7dceb0 100644
--- a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
+++ b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
@@ -794,6 +794,66 @@ public class OIDCTest {
webClient.close();
}
+ @org.junit.Test
+ public void testLogoutViaTokenHint() throws Exception {
+ // 1. Log in
+ String url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/idp/authorize?";
+ url += "client_id=" + storedClientId;
+ url += "&response_type=code";
+ url += "&scope=openid";
+ String user = "alice";
+ String password = "ecila";
+
+ // Login to the OIDC token endpoint + get the authorization code
+ WebClient webClient = setupWebClient(user, password, getIdpHttpsPort());
+ String authorizationCode = loginAndGetAuthorizationCode(url, webClient);
+ Assert.assertNotNull(authorizationCode);
+ webClient.getCredentialsProvider().clear();
+
+ // Now use the code to get an IdToken
+ WebClient webClient2 = setupWebClient(user, password, getIdpHttpsPort());
+ String tokenUrl = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/oauth2/token";
+ WebRequest request = new WebRequest(new URL(tokenUrl), HttpMethod.POST);
+
+ request.setRequestParameters(new ArrayList<NameValuePair>());
+ request.getRequestParameters().add(new NameValuePair("client_id", storedClientId));
+ request.getRequestParameters().add(new NameValuePair("grant_type", "authorization_code"));
+ request.getRequestParameters().add(new NameValuePair("code", authorizationCode));
+
+ webClient2.getOptions().setJavaScriptEnabled(false);
+ final UnexpectedPage responsePage = webClient2.getPage(request);
+ String response = responsePage.getWebResponse().getContentAsString();
+
+ // Check the IdToken
+ String idToken = getIdToken(response);
+ Assert.assertNotNull(idToken);
+ validateIdToken(idToken, storedClientId);
+
+ webClient2.close();
+
+ // 2. Log out using the token hint
+ String logoutUrl = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/idp/logout?";
+ logoutUrl += "id_token_hint=" + idToken;
+
+ webClient.getOptions().setJavaScriptEnabled(false);
+ try {
+ webClient.getPage(logoutUrl);
+ } catch (Exception ex) {
+ Assert.assertTrue(ex.getMessage().contains("Connect to localhost:12345"));
+ }
+
+ // 3. Get another authorization code without username/password. This should fail as we have
+ // logged out
+ try {
+ loginAndGetAuthorizationCode(url, webClient);
+ Assert.fail("Failure expected after logout");
+ } catch (Exception ex) {
+ Assert.assertTrue(ex.getMessage().contains("401"));
+ }
+
+ webClient.close();
+ }
+
// Test that the form has the correct CSRF token in it when creating a client
@org.junit.Test
public void testCSRFClientRegistration() throws Exception {
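Review bot: In step 2 of `testLogoutViaTokenHint` the only assertion sits inside the `catch`, so when `webClient.getPage(logoutUrl)` returns normally the logout request itself is not checked and the test relies entirely on the 401 in step 3 to show that the `id_token_hint` ended the session. If the connect error is the expected outcome (presumably the post-logout redirect targets a port where nothing listens), state that next to the `try`, for example `// logout redirects to localhost:12345, where nothing listens, so a connect error is expected here`. Both `catch` blocks call `ex.getMessage().contains(...)`, which throws a NullPointerException for an exception without a message and hides the real failure; `Assert.assertTrue(ex.getMessage() != null && ex.getMessage().contains("401"));` keeps the result readable. The final `webClient.close()` is skipped whenever an earlier assertion fails, so wrapping the body in `try`/`finally` would avoid leaving the client and its session cookies open for later tests.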