Adding revocation method into OAuthClient (#32260)
Signed-off-by: wojnarfilip <fwojnar@redhat.com> Co-authored-by: wojnarfilip <fwojnar@redhat.com>
This commit is contained in:
parent
c539a15ee5
commit
3b978c5a13
2 changed files with 27 additions and 0 deletions
|
@ -4,6 +4,7 @@ import com.nimbusds.oauth2.sdk.AuthorizationResponse;
|
|||
import com.nimbusds.oauth2.sdk.TokenIntrospectionResponse;
|
||||
import com.nimbusds.oauth2.sdk.TokenResponse;
|
||||
import com.nimbusds.oauth2.sdk.token.AccessToken;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
import org.junit.jupiter.api.Assertions;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
|
@ -72,6 +73,24 @@ public class OAuthClientTest {
|
|||
Assertions.assertNotNull(tokenResponse.toSuccessResponse().getTokens().getAccessToken());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testAccessTokenRevocation() throws Exception {
|
||||
TokenResponse tokenResponse = oAuthClient.clientCredentialGrant();
|
||||
Assertions.assertTrue(tokenResponse.indicatesSuccess());
|
||||
Assertions.assertNotNull(tokenResponse.toSuccessResponse().getTokens().getAccessToken());
|
||||
|
||||
AccessToken accessToken = tokenResponse.toSuccessResponse().getTokens().getAccessToken();
|
||||
TokenIntrospectionResponse introspectionResponse = oAuthClient.introspection(accessToken);
|
||||
Assertions.assertTrue(introspectionResponse.indicatesSuccess());
|
||||
Assertions.assertNotNull(introspectionResponse.toSuccessResponse().getScope());
|
||||
|
||||
Assertions.assertEquals(Response.Status.OK.getStatusCode(), oAuthClient.revokeAccessToken(accessToken).getStatusCode());
|
||||
|
||||
introspectionResponse = oAuthClient.introspection(accessToken);
|
||||
Assertions.assertTrue(introspectionResponse.indicatesSuccess());
|
||||
Assertions.assertNull(introspectionResponse.toSuccessResponse().getScope());
|
||||
}
|
||||
|
||||
public static class UserConfig implements org.keycloak.test.framework.realm.UserConfig {
|
||||
|
||||
@Override
|
||||
|
|
|
@ -11,9 +11,11 @@ import com.nimbusds.oauth2.sdk.TokenIntrospectionRequest;
|
|||
import com.nimbusds.oauth2.sdk.TokenIntrospectionResponse;
|
||||
import com.nimbusds.oauth2.sdk.TokenRequest;
|
||||
import com.nimbusds.oauth2.sdk.TokenResponse;
|
||||
import com.nimbusds.oauth2.sdk.TokenRevocationRequest;
|
||||
import com.nimbusds.oauth2.sdk.auth.ClientAuthentication;
|
||||
import com.nimbusds.oauth2.sdk.auth.ClientSecretBasic;
|
||||
import com.nimbusds.oauth2.sdk.auth.Secret;
|
||||
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
|
||||
import com.nimbusds.oauth2.sdk.id.ClientID;
|
||||
import com.nimbusds.oauth2.sdk.id.Issuer;
|
||||
import com.nimbusds.oauth2.sdk.id.State;
|
||||
|
@ -79,6 +81,12 @@ public class OAuthClient {
|
|||
return TokenIntrospectionResponse.parse(introspectionRequest.toHTTPRequest().send());
|
||||
}
|
||||
|
||||
public HTTPResponse revokeAccessToken(AccessToken token) throws GeneralException, IOException {
|
||||
URI revocationEndpoint = getOIDCProviderMetadata().getRevocationEndpointURI();
|
||||
TokenRevocationRequest revocationRequest = new TokenRevocationRequest(revocationEndpoint, getClientAuthentication(), token);
|
||||
return revocationRequest.toHTTPRequest().send();
|
||||
}
|
||||
|
||||
public URL authorizationRequest() throws IOException, GeneralException {
|
||||
URI authorizationEndpoint = getOIDCProviderMetadata().getAuthorizationEndpointURI();
|
||||
State state = new State();
|
||||
|
|
Loading…
Reference in a new issue