From cb14b1043688edd7c869a3443f43d367223d3f54 Mon Sep 17 00:00:00 2001 From: tanya-sinha_atko Date: Thu, 26 Sep 2024 19:42:10 +0530 Subject: [PATCH] added support for HRI phase 2 changes --- .../com/auth0/json/mgmt/client/Client.java | 17 ++++++ .../resourceserver/ProofOfPossession.java | 54 +++++++++++++++++++ .../mgmt/resourceserver/ResourceServer.java | 17 ++++++ .../auth0/json/mgmt/ResourceServerTest.java | 7 +++ .../auth0/json/mgmt/client/ClientTest.java | 5 ++ src/test/resources/mgmt/client.json | 3 +- src/test/resources/mgmt/resource_server.json | 4 ++ 7 files changed, 106 insertions(+), 1 deletion(-) create mode 100644 src/main/java/com/auth0/json/mgmt/resourceserver/ProofOfPossession.java diff --git a/src/main/java/com/auth0/json/mgmt/client/Client.java b/src/main/java/com/auth0/json/mgmt/client/Client.java index 5fa11169..99ffeefa 100644 --- a/src/main/java/com/auth0/json/mgmt/client/Client.java +++ b/src/main/java/com/auth0/json/mgmt/client/Client.java @@ -100,6 +100,8 @@ public class Client { private SignedRequest signedRequest; @JsonProperty("compliance_level") private String complianceLevel; + @JsonProperty("require_proof_of_possession") + private Boolean requireProofOfPossession; /** * Getter for the name of the tenant this client belongs to. @@ -872,5 +874,20 @@ public String getComplianceLevel() { public void setComplianceLevel(String complianceLevel) { this.complianceLevel = complianceLevel; } + + /** + * @return the value of the {@code require_proof_of_possession} field + */ + public Boolean getRequireProofOfPossession() { + return requireProofOfPossession; + } + + /** + * Sets the value of the {@code require_proof_of_possession} field + * @param requireProofOfPossession the value of the {@code require_proof_of_possession} field + */ + public void setRequireProofOfPossession(Boolean requireProofOfPossession) { + this.requireProofOfPossession = requireProofOfPossession; + } } 
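Review bot: The Javadoc on `getRequireProofOfPossession()` and `setRequireProofOfPossession(Boolean)` in the second Client.java hunk only restates the JSON field name, so a reader cannot tell what the flag enforces or what `null` means for the boxed `Boolean`. I would say what it controls and document the unset case, e.g. `@return whether tokens issued to this client must be sender-constrained, or {@code null} if the field was not set`; the exact server-side meaning should be confirmed against the Management API documentation. Whether a `null` value is omitted or sent as `null` on serialization depends on the class-level Jackson annotations of `Client`, which are outside the hunk. The `getProofOfPossession()`/`setProofOfPossession()` Javadoc added to ResourceServer.java has the same gap.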
diff --git a/src/main/java/com/auth0/json/mgmt/resourceserver/ProofOfPossession.java b/src/main/java/com/auth0/json/mgmt/resourceserver/ProofOfPossession.java
new file mode 100644
index 00000000..5c7be6eb
--- /dev/null
+++ b/src/main/java/com/auth0/json/mgmt/resourceserver/ProofOfPossession.java
@@ -0,0 +1,54 @@
+package com.auth0.json.mgmt.resourceserver;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class ProofOfPossession {
+
+ @JsonProperty("mechanism")
+ private String mechanism;
+ @JsonProperty("required")
+ private Boolean required;
+
+ @JsonCreator
+ public ProofOfPossession(@JsonProperty("mechanism") String mechanism, @JsonProperty("required") Boolean required) {
+ this.mechanism = mechanism;
+ this.required = required;
+ }
+
+ /**
+ * Getter for the mechanism of the Proof of Possession.
+ * @return the mechanism of the Proof of Possession.
+ */
+ public String getMechanism() {
+ return mechanism;
+ }
+
+ /**
+ * Setter for the mechanism of the Proof of Possession.
+ * @param mechanism the mechanism of the Proof of Possession.
+ */
+ public void setMechanism(String mechanism) {
+ this.mechanism = mechanism;
+ }
+
+ /**
+ * Getter for the required flag of the Proof of Possession.
+ * @return the required flag of the Proof of Possession.
+ */
+ public Boolean getRequired() {
+ return required;
+ }
+
+ /**
+ * Setter for the required flag of the Proof of Possession.
+ * @param required the required flag of the Proof of Possession.
+ */
+ public void setRequired(Boolean required) {
+ this.required = required;
+ }
+}
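Review bot: `ProofOfPossession` is declared without a class-level Javadoc, and neither the constructor nor the setters say which `mechanism` strings are accepted or what a `null` `required` does. Because the class carries `@JsonInclude(JsonInclude.Include.NON_NULL)`, `new ProofOfPossession("mtls", null)` serializes without a `required` key, so enforcement is presumably left to the server default rather than being stated explicitly; a misspelled mechanism is likewise only caught by the API, if at all. I would add a class comment such as `/** Proof-of-possession (sender-constraining) settings of a resource server; a {@code null} property is omitted from the request. */` and list the supported mechanism values in the `mechanism` Javadoc (the tests in this patch use `"mtls"`).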
diff --git a/src/main/java/com/auth0/json/mgmt/resourceserver/ResourceServer.java b/src/main/java/com/auth0/json/mgmt/resourceserver/ResourceServer.java index 6161eb3e..0c80f5c0 100644 --- a/src/main/java/com/auth0/json/mgmt/resourceserver/ResourceServer.java +++ b/src/main/java/com/auth0/json/mgmt/resourceserver/ResourceServer.java @@ -45,6 +45,8 @@ public class ResourceServer { private List authorizationDetails; @JsonProperty("token_encryption") private TokenEncryption tokenEncryption; + @JsonProperty("proof_of_possession") + private ProofOfPossession proofOfPossession; @JsonCreator public ResourceServer(@JsonProperty("identifier") String identifier) { @@ -228,4 +230,19 @@ public TokenEncryption getTokenEncryption() { public void setTokenEncryption(TokenEncryption tokenEncryption) { this.tokenEncryption = tokenEncryption; } + + /** + * @return the value of the {@code proof_of_possession} field. + */ + public ProofOfPossession getProofOfPossession() { + return proofOfPossession; + } + + /** + * Sets the value of the {@code proof_of_possession} field. + * @param proofOfPossession the value of the {@code proof_of_possession} field. + */ + public void setProofOfPossession(ProofOfPossession proofOfPossession) { + this.proofOfPossession = proofOfPossession; + } } diff --git a/src/test/java/com/auth0/json/mgmt/ResourceServerTest.java b/src/test/java/com/auth0/json/mgmt/ResourceServerTest.java index 66e52359..a5e6bd04 100644 --- a/src/test/java/com/auth0/json/mgmt/ResourceServerTest.java +++ b/src/test/java/com/auth0/json/mgmt/ResourceServerTest.java @@ -1,5 +1,6 @@ package com.auth0.json.mgmt; +import com.auth0.json.JsonMatcher; import com.auth0.json.JsonTest; import com.auth0.json.mgmt.resourceserver.*; import org.junit.jupiter.api.Test; 
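Review bot: The added `import com.auth0.json.JsonMatcher;` in ResourceServerTest.java looks unused: the assertions added to this file call `hasEntry(...)` through the existing static import, and no qualified `JsonMatcher.` reference is visible in the hunks. The next hunk's `import static org.hamcrest.Matchers.containsString;` is redundant as well, since the context line above it already has `import static org.hamcrest.Matchers.*;`. Both lines can be dropped unless code outside the hunks needs the first one.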
@@ -12,6 +13,7 @@ import static com.auth0.json.JsonMatcher.hasEntry; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.*; +import static org.hamcrest.Matchers.containsString; public class ResourceServerTest extends JsonTest { private final static String RESOURCE_SERVER_JSON = "src/test/resources/mgmt/resource_server.json"; @@ -42,6 +44,8 @@ public void deserialize() throws Exception { assertThat(deserialized.getTokenEncryption().getEncryptionKey().getKid(), is("my kid")); assertThat(deserialized.getTokenEncryption().getEncryptionKey().getName(), is("my JWE public key")); assertThat(deserialized.getTokenEncryption().getEncryptionKey().getThumbprintSha256(), is("thumbprint")); + assertThat(deserialized.getProofOfPossession().getMechanism(), is("mtls")); + assertThat(deserialized.getProofOfPossession().getRequired(), is(true)); } @Test @@ -77,6 +81,8 @@ public void serialize() throws Exception { encryptionKey.setPem("pem"); TokenEncryption tokenEncryption = new TokenEncryption("format", encryptionKey); entity.setTokenEncryption(tokenEncryption); + ProofOfPossession proofOfPossession = new ProofOfPossession("mtls", true); + entity.setProofOfPossession(proofOfPossession); String json = toJSON(entity); @@ -96,5 +102,6 @@ public void serialize() throws Exception { assertThat(json, hasEntry("consent_policy", "transactional-authorization-with-mfa")); assertThat(json, hasEntry("authorization_details", notNullValue())); assertThat(json, hasEntry("token_encryption", containsString("{\"format\":\"format\",\"encryption_key\":{\"name\":\"name\",\"alg\":\"alg\",\"pem\":\"pem\",\"kid\":\"kid\"}}"))); + assertThat(json, hasEntry("proof_of_possession", containsString("{\"mechanism\":\"mtls\",\"required\":true}"))); } } diff --git a/src/test/java/com/auth0/json/mgmt/client/ClientTest.java b/src/test/java/com/auth0/json/mgmt/client/ClientTest.java index 307f82b8..11f901ba 100644 --- a/src/test/java/com/auth0/json/mgmt/client/ClientTest.java 
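Review bot: The new assertions in `deserialize()` and `serialize()` exercise only mechanism `"mtls"` with `required` set to `true`, so nothing pins what is sent when enforcement is turned off or left unset. I would add a case built with `new ProofOfPossession("mtls", false)` asserting that `"required":false` is still emitted, and one with a `null` flag asserting the key is absent, since the difference between the two decides what reaches the API. The `require_proof_of_possession` assertions added to ClientTest.java have the same true-only coverage. Both test methods begin outside the hunks.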
+++ b/src/test/java/com/auth0/json/mgmt/client/ClientTest.java @@ -135,6 +135,7 @@ public class ClientTest extends JsonTest { " }\n" + " ]\n" + " },\n" + + " \"require_proof_of_possession\": true,\n" + " \"compliance_level\": \"fapi1_adv_pkj_par\"\n" + "}"; @@ -179,6 +180,7 @@ public void shouldSerialize() throws Exception { client.setRefreshToken(refreshToken); client.setOrganizationUsage("require"); client.setOrganizationRequireBehavior("pre_login_prompt"); + client.setRequireProofOfPossession(true); Credential credential = new Credential("public_key", "PEM"); PrivateKeyJwt privateKeyJwt = new PrivateKeyJwt(Collections.singletonList(credential)); @@ -251,6 +253,7 @@ public void shouldSerialize() throws Exception { assertThat(serialized, JsonMatcher.hasEntry("oidc_backchannel_logout", containsString("{\"backchannel_logout_urls\":[\"http://acme.eu.auth0.com/events\"]}"))); assertThat(serialized, JsonMatcher.hasEntry("signed_request_object", containsString("{\"required\":true,\"credentials\":[{\"credential_type\":\"public_key\",\"name\":\"cred name\",\"pem\":\"pem\"}]}"))); assertThat(serialized, JsonMatcher.hasEntry("compliance_level", "fapi1_adv_pkj_par")); + assertThat(serialized, JsonMatcher.hasEntry("require_proof_of_possession", true)); } @Test @@ -326,6 +329,8 @@ public void shouldDeserialize() throws Exception { assertThat(client.getSignedRequest().getCredentials().get(0).getName(), is("My JAR credential")); assertThat(client.getSignedRequest().getCredentials().get(0).getCreatedAt(), is(Date.from(Instant.parse("2024-03-14T11:34:28.893Z")))); assertThat(client.getSignedRequest().getCredentials().get(0).getUpdatedAt(), is(Date.from(Instant.parse("2024-03-14T11:34:28.893Z")))); + + assertThat(client.getRequireProofOfPossession(), is(true)); } @Test diff --git a/src/test/resources/mgmt/client.json b/src/test/resources/mgmt/client.json index daca48ca..a3395042 100644 --- a/src/test/resources/mgmt/client.json +++ b/src/test/resources/mgmt/client.json 
@@ -90,5 +90,6 @@ } ] }, - "compliance_level": "fapi1_adv_pkj_par" + "compliance_level": "fapi1_adv_pkj_par", + "require_proof_of_possession": true } diff --git a/src/test/resources/mgmt/resource_server.json b/src/test/resources/mgmt/resource_server.json index a383d78f..75284b5a 100644 --- a/src/test/resources/mgmt/resource_server.json +++ b/src/test/resources/mgmt/resource_server.json @@ -36,5 +36,9 @@ "alg": "RSA-OAEP-256", "thumbprint_sha256": "thumbprint" } + }, + "proof_of_possession": { + "mechanism": "mtls", + "required": true } }