OC5:FTR-op-code-2nd-revokes-x-Gluu OX

From OSIS Open Source Identity Systems

Feature Test Result   FTR-op-code-2nd-revokes-x-Gluu OX
Test Identifier   FTR-op-code-2nd-revokes
Primary Solution   Gluu OX
Date Tested   29 August 2013
Tested by   Javier Rojas Blum
Outcome   Works
Solutions Involved   OC5:Gluu_OX
Operating System   Fedora 18 x86_64
Browser   Firefox 22.0
Notes   https://svn.gluu.info/repository/openxdi/oxAuth/Client/src/test/java/org/xdi/oxauth/interop/SecondUseOfAccessCodeRevokesPreviouslyIssuedAccessToken.java
#######################################################
TEST: OC5:FeatureTest-Second Use of Access Code Revokes Previously Issued Access Token
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: seed.gluu.org

{
    "redirect_uris": [
        "https://seed.gluu.org/oxauth-rp/home.seam",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
    "client_id": "@!1111!0008!0A4E.FCB3",
    "client_secret": "83725073-630e-42e5-9fab-8ae8a501deb7",
    "registration_access_token": "747895fe-e58f-4fbb-ba74-b9a8acd7cf35",
    "registration_client_uri": "https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register?client_id=@!1111!0008!0A4E.FCB3",
    "client_id_issued_at": 1377817316,
    "client_secret_expires_at": 1377903716,
    "redirect_uris": [
        "https://seed.gluu.org/oxauth-rp/home.seam",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "client_secret_basic",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "require_auth_time": false,
    "request_uris": [],
    "scopes": [
        "openid",
        "address",
        "profile",
        "phone",
        "email"
    ]
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code+id_token&client_id=%40%211111%210008%210A4E.FCB3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam&state=af0ifjsldkj

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://seed.gluu.org/oxauth-rp/home.seam#code=783e40e9-6dc1-4c94-9550-827908fc3c08&id_token=eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vc2VlZC5nbHV1Lm9yZy9veGF1dGgvc2VhbS9yZXNvdXJjZS9yZXN0djEvb3hhdXRoL2p3a3MiLCJraWQiOiIxIn0.eyJpc3MiOiJodHRwczovL3NlZWQuZ2x1dS5vcmciLCJhdWQiOiJAITExMTEhMDAwOCEwQTRFLkZDQjMiLCJleHAiOjEzNzc4MjA5MjYsImlhdCI6MTM3NzgxNzMyNiwic3ViIjoibWlrZSIsIm94SW51bSI6IkAhMTExMSEwMDAwIUQ0RTciLCJhdXRoX3RpbWUiOjEzNzc4MTczMjIsImNfaGFzaCI6InFTckFGdlZLdkxpWHpqbGxyLXhUSFEiLCJveFZhbGlkYXRpb25VUkkiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwicmVnaW9uIjoiVGV4YXMiLCJwaWN0dXJlIjoiaHR0cDovL3d3dy5nbHV1Lm9yZy93cC1jb250ZW50L3VwbG9hZHMvMjAxMi8wNC9taWtlMy5wbmciLCJ6b25laW5mbyI6IkFtZXJpY2EvQ2hpY2FnbyIsImVtYWlsIjoibWlrZUBnbHV1Lm9yZyIsImxvY2FsZSI6ImVuLXVzIiwibmFtZSI6Ik1pY2hlYWwgU2Nod2FydHoiLCJsb2NhbGl0eSI6IkF1c3RpbiIsImZhbWlseV9uYW1lIjoiU2Nod2FydHoiLCJzdHJlZXRfYWRkcmVzcyI6IjYyMSBFYXN0IDZ0aCBTdHJlZXQiLCJnaXZlbl9uYW1lIjoiTWljaGFlbCIsImNvdW50cnkiOiJVUyJ9.NxLnuVx1IMxcuQ_3o_SEdrdFXygOBIW5t20_oTmZMTmcYg2RQQR-9NdbyG0ccwwN4oWxpKcjdlFx1ZWtfH3IFbFnC-V5pwEGth0kzNYtGoDIFyCkvloQRTV_RcbSacnQSOzpQFzMIx2Mx6ltQw934i6qRTUsl7Q1YeA8W4XgQWmdyha45sj8Tp8A2MNNs491fa4GWCJ0wIs_saVnaTgus673CoGVAM2B-XhE-LWaWTzn5eC6qPNkhjaRbmUi3fXeoUE7vvEzrpaS054yj02Jwstcp9bLfqOkeNkveywsoadUv9RB8V0XZxsiYtPt3XS6LZ1zTLDWvUZxL0cE6cDawg&auth_level=10&auth_mode=basic&session_id=5fc938ed-f7f4-4b9a-85e1-3a558879ba32&state=af0ifjsldkj&scope=openid+profile+address+email

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org
Authorization: Basic QCExMTExITAwMDghMEE0RS5GQ0IzOjgzNzI1MDczLTYzMGUtNDJlNS05ZmFiLThhZThhNTAxZGViNw==

grant_type=authorization_code&code=783e40e9-6dc1-4c94-9550-827908fc3c08&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"access_token":"414b5bd1-ee04-4b8f-9db4-a6be8d16d44b","token_type":"bearer","expires_in":3599,"refresh_token":"9996cbe4-78db-4f4b-b6f2-bef548a1620e","id_token":"eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vc2VlZC5nbHV1Lm9yZy9veGF1dGgvc2VhbS9yZXNvdXJjZS9yZXN0djEvb3hhdXRoL2p3a3MiLCJraWQiOiIxIn0.eyJpc3MiOiJodHRwczovL3NlZWQuZ2x1dS5vcmciLCJhdWQiOiJAITExMTEhMDAwOCEwQTRFLkZDQjMiLCJleHAiOjEzNzc4MjA5MzAsImlhdCI6MTM3NzgxNzMzMCwic3ViIjoibWlrZSIsIm94SW51bSI6IkAhMTExMSEwMDAwIUQ0RTciLCJveFZhbGlkYXRpb25VUkkiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.FgX4sHp70Cs7ZZgAniJrZB9MrzSTqhyDN2fvbRB2qzwMQ0aBx4v8GPa1Y9bGR8t3sCB-lAhIekj-4eApBxk3A5Wl5h5i47dQM9CObowAZGSGTgSzEHqjYAj_PudWFVQdGIWEAeD4AOX4iy3PNZ6qEjrKyPQXk5bir_jR8q4HVrql13YGxr1M3qk0idO-RDOCGsLrixDBKZ5JQWLSczjtXiyiVgLMUaiPYDdlC_WxA-yhmX9IuSq3KTyzfsnf5PGmYBClRWfCXA0eGJMd4r-1pX02jYuhjPzb7FNOeDhStLdsZYqKCX-MDSExWdyjXGGZmmTHXo3Di8o9EVG0WuqYRw"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/seam/resource/restv1/oxauth/userinfo HTTP/1.1
Host: seed.gluu.org
Authorization: Bearer 414b5bd1-ee04-4b8f-9db4-a6be8d16d44b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store, private
Pragma: no-cache

{
    "sub": "mike",
    "name": "Micheal Schwartz",
    "given_name": "Michael",
    "family_name": "Schwartz",
    "locale": "en-us",
    "zoneinfo": "America/Chicago",
    "picture": "http://www.gluu.org/wp-content/uploads/2012/04/mike3.png",
    "street_address": "621 East 6th Street",
    "locality": "Austin",
    "country": "US",
    "region": "Texas",
    "email": "mike@gluu.org"
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org
Authorization: Basic QCExMTExITAwMDghMEE0RS5GQ0IzOjgzNzI1MDczLTYzMGUtNDJlNS05ZmFiLThhZThhNTAxZGViNw==

grant_type=authorization_code&code=783e40e9-6dc1-4c94-9550-827908fc3c08&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/seam/resource/restv1/oxauth/userinfo HTTP/1.1
Host: seed.gluu.org
Authorization: Bearer 414b5bd1-ee04-4b8f-9db4-a6be8d16d44b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Content-Type: */*

{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org
Authorization: Basic QCExMTExITAwMDghMEE0RS5GQ0IzOjgzNzI1MDczLTYzMGUtNDJlNS05ZmFiLThhZThhNTAxZGViNw==

grant_type=refresh_token&scope=openid+profile+address+email&refresh_token=9996cbe4-78db-4f4b-b6f2-bef548a1620e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}


===============================================
Custom suite
Total tests run: 1, Failures: 0, Skips: 0
===============================================
