diff --git a/src/main/java/com/auth0/json/mgmt/client/Client.java b/src/main/java/com/auth0/json/mgmt/client/Client.java index de2d2fcd..5fa11169 100644 --- a/src/main/java/com/auth0/json/mgmt/client/Client.java +++ b/src/main/java/com/auth0/json/mgmt/client/Client.java @@ -96,6 +96,10 @@ public class Client { private Boolean requiresPushedAuthorizationRequests; @JsonProperty("oidc_backchannel_logout") private OIDCBackchannelLogout oidcBackchannelLogout; + @JsonProperty("signed_request_object") + private SignedRequest signedRequest; + @JsonProperty("compliance_level") + private String complianceLevel; /** * Getter for the name of the tenant this client belongs to. @@ -837,5 +841,36 @@ public OIDCBackchannelLogout getOidcBackchannelLogout() { public void setOidcBackchannelLogout(OIDCBackchannelLogout oidcBackchannelLogout) { this.oidcBackchannelLogout = oidcBackchannelLogout; } + + /** + * @return the value of the {@code signed_request_object} field. + */ + public SignedRequest getSignedRequest() { + return signedRequest; + } + + /** + * Sets the value of the {@code SignedRequest} field. + * + * @param signedRequest the value to set the {@code signed_request_field} field to. + */ + public void setSignedRequest(SignedRequest signedRequest) { + this.signedRequest = signedRequest; + } + + /** + * @return the value of the {@code compliance_level} field + */ + public String getComplianceLevel() { + return complianceLevel; + } + + /** + * Sets the value of the {@code compliance_level} field + * @param complianceLevel the value of the {@code compliance_level} field + */ + public void setComplianceLevel(String complianceLevel) { + this.complianceLevel = complianceLevel; + } } diff --git a/src/main/java/com/auth0/json/mgmt/client/ClientAuthenticationMethods.java b/src/main/java/com/auth0/json/mgmt/client/ClientAuthenticationMethods.java index c42f93d6..bc7b22aa 100644 --- a/src/main/java/com/auth0/json/mgmt/client/ClientAuthenticationMethods.java 
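Review bot: The Javadoc on `setSignedRequest` in the second Client.java hunk names the wrong field. Its summary says `{@code SignedRequest}` and its `@param` says `{@code signed_request_field}`, while the property declared in the first hunk is `signed_request_object`. I would change the two lines to `* Sets the value of the {@code signed_request_object} field.` and `* @param signedRequest the value of the {@code signed_request_object} field.`, so the docs match the wire name that readers will search for.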
+++ b/src/main/java/com/auth0/json/mgmt/client/ClientAuthenticationMethods.java @@ -13,16 +13,59 @@ public class ClientAuthenticationMethods { @JsonProperty("private_key_jwt") private PrivateKeyJwt privateKeyJwt; + @JsonProperty("self_signed_tls_client_auth") + private SelfSignedTLSClientAuth selfSignedTLSClientAuth; + @JsonProperty("tls_client_auth") + private TLSClientAuth tlsClientAuth; public ClientAuthenticationMethods() { } + /** + * Create a new instance. + * @param privateKeyJwt the value of the {@code private_key_jwt} field. + */ public ClientAuthenticationMethods(PrivateKeyJwt privateKeyJwt) { + this(privateKeyJwt, null, null); + } + + /** + * Create a new instance. + * @param privateKeyJwt the value of the {@code private_key_jwt} field. + * @param selfSignedTLSClientAuth the value of the {@code self_signed_tls_client_auth} field. + */ + public ClientAuthenticationMethods(PrivateKeyJwt privateKeyJwt, SelfSignedTLSClientAuth selfSignedTLSClientAuth) { + this(privateKeyJwt, selfSignedTLSClientAuth, null); + } + + /** + * Create a new instance. + * @param privateKeyJwt the value of the {@code private_key_jwt} field. + * @param selfSignedTLSClientAuth the value of the {@code self_signed_tls_client_auth} field. + * @param tlsClientAuth the value of the {@code tls_client_auth} field. + */ + public ClientAuthenticationMethods(PrivateKeyJwt privateKeyJwt, SelfSignedTLSClientAuth selfSignedTLSClientAuth, TLSClientAuth tlsClientAuth) { this.privateKeyJwt = privateKeyJwt; + this.selfSignedTLSClientAuth = selfSignedTLSClientAuth; + this.tlsClientAuth = tlsClientAuth; } public PrivateKeyJwt getPrivateKeyJwt() { return privateKeyJwt; } + + /** + * @return the value of the {@code self_signed_tls_client_auth} field + */ + public SelfSignedTLSClientAuth getSelfSignedTLSClientAuth() { + return selfSignedTLSClientAuth; + } + + /** + * @return the value of the {@code tls_client_auth} field + */ + public TLSClientAuth getTlsClientAuth() { + return tlsClientAuth; + } } 
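Review bot: The new three-argument constructor accepts any combination of `privateKeyJwt`, `selfSignedTLSClientAuth` and `tlsClientAuth`, including all `null`, and the Javadoc does not say which combinations are meaningful. The delegating constructors already pass `null` for unused methods, so each `@param` could say so, for example `@param tlsClientAuth the value of the {@code tls_client_auth} field, or {@code null} to omit it.` Whether the Management API accepts more than one method on the same client cannot be seen from this hunk; if it does not, a sentence on the class Javadoc would stop callers from building a configuration that is only rejected at request time.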
diff --git a/src/main/java/com/auth0/json/mgmt/client/Credential.java b/src/main/java/com/auth0/json/mgmt/client/Credential.java index e28b39ea..d6a7ff18 100644 --- a/src/main/java/com/auth0/json/mgmt/client/Credential.java +++ b/src/main/java/com/auth0/json/mgmt/client/Credential.java @@ -31,6 +31,8 @@ public class Credential { private String alg; @JsonProperty("parse_expiry_from_cert") private Boolean parseExpiryFromCert; + @JsonProperty("subject_dn") + private String subjectDn; @JsonFormat(shape = JsonFormat.Shape.STRING) @JsonProperty("created_at") private Date createdAt; @@ -188,4 +190,19 @@ public Boolean getParseExpiryFromCert() { public void setParseExpiryFromCert(Boolean parseExpiryFromCert) { this.parseExpiryFromCert = parseExpiryFromCert; } + + /** + * @return the value of the {@code subject_dn} field + */ + public String getSubjectDn() { + return subjectDn; + } + + /** + * Sets the value of the {@code subject_dn} field + * @param subjectDn the value of the {@code subject_dn} field + */ + public void setSubjectDn(String subjectDn) { + this.subjectDn = subjectDn; + } } diff --git a/src/main/java/com/auth0/json/mgmt/client/SelfSignedTLSClientAuth.java b/src/main/java/com/auth0/json/mgmt/client/SelfSignedTLSClientAuth.java new file mode 100644 index 00000000..e73d2be0 --- /dev/null +++ b/src/main/java/com/auth0/json/mgmt/client/SelfSignedTLSClientAuth.java 
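Review bot: The Javadoc for `getSubjectDn`/`setSubjectDn` in the second Credential.java hunk only restates the JSON name, so a reader cannot tell when the field applies. The test data in this commit pairs `subject_dn` with `credential_type` `cert_subject_dn` under `tls_client_auth`, so the comment could read `@param subjectDn the certificate subject DN; used with the {@code cert_subject_dn} credential type`. This value appears to identify which client certificate is accepted, so it is also worth noting that the class stores the string as given, with no normalisation or validation.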
@@ -0,0 +1,34 @@
+package com.auth0.json.mgmt.client;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.List;
+
+/**
+ * Class that represents an Auth0 Application self-signed TLS client authentication method. Related to the {@link com.auth0.client.mgmt.ClientsEntity} entity.
+ */
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class SelfSignedTLSClientAuth {
+
+ @JsonProperty("credentials")
+ private List credentials;
+
+ /**
+ * Create a new instance
+ * @param credentials the credentials to use
+ */
+ public SelfSignedTLSClientAuth(@JsonProperty("credentials") List credentials) {
+ this.credentials = credentials;
+ }
+
+ /**
+ * @return the credentials
+ */
+ public List getCredentials() {
+ return credentials;
+ }
+}
diff --git a/src/main/java/com/auth0/json/mgmt/client/SignedRequest.java b/src/main/java/com/auth0/json/mgmt/client/SignedRequest.java
new file mode 100644
index 00000000..2854f690
--- /dev/null
+++ b/src/main/java/com/auth0/json/mgmt/client/SignedRequest.java
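Review bot: The only constructor of SelfSignedTLSClientAuth has `@JsonProperty` on its parameter but no `@JsonCreator`, unlike AuthorizationDetails and TokenEncryption in this same commit, which annotate theirs. Jackson can usually detect such a constructor implicitly, but that depends on how the mapper is configured, and the class has no default constructor to fall back on. I would add `import com.fasterxml.jackson.annotation.JsonCreator;` and put `@JsonCreator` on the constructor so deserialization does not rely on auto-detection. TLSClientAuth.java, added later in this diff, has the same constructor shape and needs the same change. The blank line between the class Javadoc and `@JsonIgnoreProperties` can also go.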
@@ -0,0 +1,44 @@
+package com.auth0.json.mgmt.client;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.List;
+
+/**
+ * Class that represents an Auth0 Application signed request object. Related to the {@link com.auth0.client.mgmt.ClientsEntity} entity.
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class SignedRequest {
+
+ @JsonProperty("required")
+ private Boolean required;
+ @JsonProperty("credentials")
+ private List credentials;
+
+ /**
+ * @return the value of the {@code credentials} field
+ */
+ public List getCredentials() {
+ return credentials;
+ }
+
+ /**
+ * Sets the value of the {@code credentials} field
+ *
+ * @param credentials the value of the {@code credentials} field
+ */
+ public void setCredentials(List credentials) {
+ this.credentials = credentials;
+ }
+
+ public Boolean getRequired() {
+ return required;
+ }
+
+ public void setRequired(Boolean required) {
+ this.required = required;
+ }
+}
diff --git a/src/main/java/com/auth0/json/mgmt/client/TLSClientAuth.java b/src/main/java/com/auth0/json/mgmt/client/TLSClientAuth.java
new file mode 100644
index 00000000..05e896af
--- /dev/null
+++ b/src/main/java/com/auth0/json/mgmt/client/TLSClientAuth.java
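Review bot: `getRequired` and `setRequired` are the only accessors in SignedRequest without Javadoc, and `required` looks like the setting that matters most here. Judging by the field name and the "My JAR credential" test fixture, it presumably controls whether authorization requests must arrive as signed request objects, but the hunk does not confirm that. I would add `@return the value of the {@code required} field` and `@param required the value of the {@code required} field` to match the credentials accessors. Because the field is a `Boolean` serialized with `NON_NULL`, the docs should also say that leaving it `null` omits it from the payload rather than sending `false`.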
@@ -0,0 +1,32 @@
+package com.auth0.json.mgmt.client;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.List;
+
+/**
+ * Class that represents an Auth0 Application TLS client authentication method. Related to the {@link com.auth0.client.mgmt.ClientsEntity} entity.
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class TLSClientAuth {
+ @JsonProperty("credentials")
+ private List credentials;
+
+ /**
+ * Create a new instance
+ * @param credentials the credentials to use
+ */
+ public TLSClientAuth(@JsonProperty("credentials") List credentials) {
+ this.credentials = credentials;
+ }
+
+ /**
+ * @return the credentials
+ */
+ public List getCredentials() {
+ return credentials;
+ }
+}
diff --git a/src/main/java/com/auth0/json/mgmt/resourceserver/AuthorizationDetails.java b/src/main/java/com/auth0/json/mgmt/resourceserver/AuthorizationDetails.java
new file mode 100644
index 00000000..69989507
--- /dev/null
+++ b/src/main/java/com/auth0/json/mgmt/resourceserver/AuthorizationDetails.java
@@ -0,0 +1,33 @@
+package com.auth0.json.mgmt.resourceserver;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * Class that represents the authorization details associated with a {@link ResourceServer}
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class AuthorizationDetails {
+
+ @JsonProperty("type")
+ private String type;
+
+ /**
+ * Create a new instance.
+ * @param type the value of the {@code type} field.
+ */
+ @JsonCreator
+ public AuthorizationDetails(@JsonProperty("type") String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the value of the {@code type} field
+ */
+ public String getType() {
+ return type;
+ }
+}
diff --git a/src/main/java/com/auth0/json/mgmt/resourceserver/EncryptionKey.java b/src/main/java/com/auth0/json/mgmt/resourceserver/EncryptionKey.java
new file mode 100644
index 00000000..74f19707
--- /dev/null
+++ b/src/main/java/com/auth0/json/mgmt/resourceserver/EncryptionKey.java
@@ -0,0 +1,99 @@
+package com.auth0.json.mgmt.resourceserver;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * Class that represents the encryption key associated with a {@link TokenEncryption}
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class EncryptionKey {
+
+ @JsonProperty("name")
+ private String name;
+ @JsonProperty("alg")
+ private String alg;
+ @JsonProperty("pem")
+ private String pem;
+ @JsonProperty("kid")
+ private String kid;
+ @JsonProperty("thumbprint_sha256")
+ private String thumbprintSha256;
+
+ /**
+ * @return the value of the {@code name} field.
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Sets the value of the {@code name} field.
+ * @param name the value of the {@code name} field.
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the value of the {@code alg} field.
+ */
+ public String getAlg() {
+ return alg;
+ }
+
+ /**
+ * Sets the value of the {@code alg} field.
+ * @param alg the value of the {@code alg} field.
+ */
+ public void setAlg(String alg) {
+ this.alg = alg;
+ }
+
+ /**
+ * @return the value of the {@code pem} field.
+ */
+ public String getPem() {
+ return pem;
+ }
+
+ /**
+ * Sets the value of the {@code pem} field.
+ * @param pem the value of the {@code pem} field.
+ */
+ public void setPem(String pem) {
+ this.pem = pem;
+ }
+
+ /**
+ * @return the value of the {@code kid} field.
+ */
+ public String getKid() {
+ return kid;
+ }
+
+ /**
+ * Sets the value of the {@code kid} field.
+ * @param kid the value of the {@code kid} field.
+ */
+ public void setKid(String kid) {
+ this.kid = kid;
+ }
+
+ /**
+ * @return the value of the {@code thumbprint_sha256} field.
+ */ + public String getThumbprintSha256() { + return thumbprintSha256; + } + + /** + * Sets the value of the {@code thumbprint_sha256} field. + * @param thumbprintSha256 the value of the {@code thumbprint_sha256} field. + */ + public void setThumbprintSha256(String thumbprintSha256) { + this.thumbprintSha256 = thumbprintSha256; + } +} diff --git a/src/main/java/com/auth0/json/mgmt/resourceserver/ResourceServer.java b/src/main/java/com/auth0/json/mgmt/resourceserver/ResourceServer.java index 5b0182d8..6161eb3e 100644 --- a/src/main/java/com/auth0/json/mgmt/resourceserver/ResourceServer.java +++ b/src/main/java/com/auth0/json/mgmt/resourceserver/ResourceServer.java @@ -39,6 +39,12 @@ public class ResourceServer { private Boolean isSystem; @JsonProperty("enforce_policies") private Boolean enforcePolicies; + @JsonProperty("consent_policy") + private String consentPolicy; + @JsonProperty("authorization_details") + private List authorizationDetails; + @JsonProperty("token_encryption") + private TokenEncryption tokenEncryption; @JsonCreator public ResourceServer(@JsonProperty("identifier") String identifier) { 
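Review bot: In EncryptionKey, `getPem`/`setPem` are documented only as "the value of the {@code pem} field", which does not say what kind of key material belongs there. The test fixture in this commit names the key "my JWE public key" with `alg` `RSA-OAEP-256`, so this is presumably the public key that tokens are encrypted to, though the hunk does not confirm it. I would document that on the setter, for example `@param pem the PEM-encoded public key used to encrypt tokens; a private key must not be supplied here`. It would also help to say whether `kid` and `thumbprint_sha256` are set by the caller or only returned by the server, since the serialize test never sets the thumbprint.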
@@ -178,4 +184,48 @@ public void setTokenLifetimeForWeb(Integer tokenLifetimeForWeb) { this.tokenLifetimeForWeb = tokenLifetimeForWeb; } + /** + * @return the value of the {@code consent_policy} field. + */ + public String getConsentPolicy() { + return consentPolicy; + } + + /** + * Sets the value of the {@code consent_policy} field + * @param consentPolicy the value of the {@code consent_policy} field + */ + public void setConsentPolicy(String consentPolicy) { + this.consentPolicy = consentPolicy; + } + + /** + * @return the value of the {@code authorization_details} field. + */ + public List getAuthorizationDetails() { + return authorizationDetails; + } + + /** + * Sets the value of the {@code authorization_details} field. + * @param authorizationDetails the value of the {@code authorization_details} field. + */ + public void setAuthorizationDetails(List authorizationDetails) { + this.authorizationDetails = authorizationDetails; + } + + /** + * @return the value of the {@code token_encryption} field. + */ + public TokenEncryption getTokenEncryption() { + return tokenEncryption; + } + + /** + * Sets the value of the {@code token_encryption} field. + * @param tokenEncryption the value of the {@code token_encryption} field. + */ + public void setTokenEncryption(TokenEncryption tokenEncryption) { + this.tokenEncryption = tokenEncryption; + } } diff --git a/src/main/java/com/auth0/json/mgmt/resourceserver/TokenEncryption.java b/src/main/java/com/auth0/json/mgmt/resourceserver/TokenEncryption.java new file mode 100644 index 00000000..86aa0f51 --- /dev/null +++ b/src/main/java/com/auth0/json/mgmt/resourceserver/TokenEncryption.java 
@@ -0,0 +1,43 @@
+package com.auth0.json.mgmt.resourceserver;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * Class that represents the token encryption associated with a {@link ResourceServer}
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class TokenEncryption {
+
+ @JsonProperty("format")
+ private String format;
+ @JsonProperty("encryption_key")
+ private EncryptionKey encryptionKey;
+
+ /**
+ * Create a new instance.
+ * @param format the value of the {@code format} field.
+ * @param encryptionKey the value of the {@code encryption_key} field.
+ */
+ @JsonCreator
+ public TokenEncryption(@JsonProperty("format") String format, @JsonProperty("encryption_key") EncryptionKey encryptionKey) {
+ this.format = format;
+ this.encryptionKey = encryptionKey;
+ }
+ /**
+ * @return the value of the {@code format} field.
+ */
+ public String getFormat() {
+ return format;
+ }
+
+ /**
+ * @return the value of the {@code encryption_key} field.
+ */
+ public EncryptionKey getEncryptionKey() {
+ return encryptionKey;
+ }
+}
diff --git a/src/main/java/com/auth0/json/mgmt/tenants/Mtls.java b/src/main/java/com/auth0/json/mgmt/tenants/Mtls.java
new file mode 100644
index 00000000..e4c441e4
--- /dev/null
+++ b/src/main/java/com/auth0/json/mgmt/tenants/Mtls.java
@@ -0,0 +1,34 @@ +package com.auth0.json.mgmt.tenants; + +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; + +/** + * Represents the value of the {@code enable_endpoint_aliases} field of the {@link Tenant}. + */ +@JsonIgnoreProperties(ignoreUnknown = true) +@JsonInclude(JsonInclude.Include.NON_NULL) +public class Mtls { + + @JsonProperty("enable_endpoint_aliases") + private Boolean enableEndpointAliases; + + /** + * @return the value of the {@code enable_endpoint_aliases} field + */ + public Boolean getEnableEndpointAliases() { + return enableEndpointAliases; + } + + /** + * Sets the value of the {@code enable_endpoint_aliases} field + * + * @param enableEndpointAliases the value of the {@code enable_endpoint_aliases} field + */ + public void setEnableEndpointAliases(Boolean enableEndpointAliases) { + this.enableEndpointAliases = enableEndpointAliases; + } + +} diff --git a/src/main/java/com/auth0/json/mgmt/tenants/Tenant.java b/src/main/java/com/auth0/json/mgmt/tenants/Tenant.java index d8c0bea6..a48dc8c5 100644 --- a/src/main/java/com/auth0/json/mgmt/tenants/Tenant.java +++ b/src/main/java/com/auth0/json/mgmt/tenants/Tenant.java @@ -46,6 +46,19 @@ public class Tenant { @JsonProperty("idle_session_lifetime") private Integer idleSessionLifetime; + @JsonProperty("acr_values_supported") + private List acrValuesSupported; + + @JsonProperty("pushed_authorization_requests_supported") + private Boolean pushedAuthorizationRequestsSupported; + + @JsonProperty("remove_alg_from_jwks") + private Boolean removeAlgFromJwks; + + @JsonProperty("mtls") + private Mtls mtls; + + /** * Getter for the change password page customization. * 
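Review bot: The class Javadoc on Mtls says it represents the `enable_endpoint_aliases` field of the Tenant, but the Tenant.java hunk maps this class to `@JsonProperty("mtls")`. `enable_endpoint_aliases` is the property inside it. I would change the summary to `* Represents the value of the {@code mtls} field of the {@link Tenant}.` and leave the per-accessor comments as they are. The Tenant.java field hunk also adds a second blank line after `private Mtls mtls;` that can be dropped.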
@@ -320,4 +333,68 @@ public Integer getIdleSessionLifetime() { public void setIdleSessionLifetime(Integer idleSessionLifetime) { this.idleSessionLifetime = idleSessionLifetime; } + + /** + * @return the value of the {@code acr_values_supported} field + */ + public List getAcrValuesSupported() { + return acrValuesSupported; + } + + /** + * Sets the value of the {@code acr_values_supported} field + * + * @param acrValuesSupported the value of the {@code acr_values_supported_field} + */ + public void setAcrValuesSupported(List acrValuesSupported) { + this.acrValuesSupported = acrValuesSupported; + } + + /** + * @return the value of the {@code pushed_authorization_requests_supported} field. + */ + public Boolean getPushedAuthorizationRequestsSupported() { + return pushedAuthorizationRequestsSupported; + } + + /** + * Sets the value of the {@code pushed_authorization_requests_supported} field + * + * @param pushedAuthorizationRequestsSupported the value of the {@code pushed_authorization_requests_supported} field + */ + public void setPushedAuthorizationRequestsSupported(Boolean pushedAuthorizationRequestsSupported) { + this.pushedAuthorizationRequestsSupported = pushedAuthorizationRequestsSupported; + } + + /** + * @return the value of the {@code remove_alg_from_jwks} field + */ + public Boolean getRemoveAlgFromJwks() { + return removeAlgFromJwks; + } + + /** + * Sets the value of the {@code remove_alg_from_jwks} field + * + * @param removeAlgFromJwks the value of the {@code remove_alg_from_jwks} field + */ + public void setRemoveAlgFromJwks(Boolean removeAlgFromJwks) { + this.removeAlgFromJwks = removeAlgFromJwks; + } + + /** + * @return the value of the {@code mtls} field + */ + public Mtls getMtls() { + return mtls; + } + + /** + * Sets the value of the {@code mtls} field + * + * @param mtls the value of the {@code mtls} field + */ + public void setMtls(Mtls mtls) { + this.mtls = mtls; + } } 
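Review bot: The `@param` line of `setAcrValuesSupported` reads `{@code acr_values_supported_field}`, with the word "field" pulled inside the code span, so it names a property that does not exist. It should read `@param acrValuesSupported the value of the {@code acr_values_supported} field`, like the other setters in this hunk. The hunk's leading context lines belong to `setIdleSessionLifetime`, which starts outside the hunk.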
diff --git a/src/test/java/com/auth0/json/JsonMatcher.java b/src/test/java/com/auth0/json/JsonMatcher.java index 2066c667..7a7b622b 100644 --- a/src/test/java/com/auth0/json/JsonMatcher.java +++ b/src/test/java/com/auth0/json/JsonMatcher.java @@ -38,7 +38,7 @@ protected boolean matchesSafely(String item, Description mismatchDescription) { return false; } if (!item.contains(getStringKey(key))) { - mismatchDescription.appendText("JSON didn't contained the key ").appendValue(key); + mismatchDescription.appendText("JSON does not contain the key ").appendValue(key); return false; } } diff --git a/src/test/java/com/auth0/json/mgmt/ResourceServerTest.java b/src/test/java/com/auth0/json/mgmt/ResourceServerTest.java index 9295a25b..66e52359 100644 --- a/src/test/java/com/auth0/json/mgmt/ResourceServerTest.java +++ b/src/test/java/com/auth0/json/mgmt/ResourceServerTest.java @@ -1,17 +1,17 @@ package com.auth0.json.mgmt; import com.auth0.json.JsonTest; -import com.auth0.json.mgmt.resourceserver.ResourceServer; -import com.auth0.json.mgmt.resourceserver.Scope; +import com.auth0.json.mgmt.resourceserver.*; import org.junit.jupiter.api.Test; import java.util.ArrayList; +import java.util.Arrays; import java.util.List; +import java.util.stream.Collectors; import static com.auth0.json.JsonMatcher.hasEntry; import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.hasSize; -import static org.hamcrest.Matchers.is; +import static org.hamcrest.Matchers.*; public class ResourceServerTest extends JsonTest { private final static String RESOURCE_SERVER_JSON = "src/test/resources/mgmt/resource_server.json"; 
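Review bot: The ResourceServerTest import hunk replaces explicit imports with `com.auth0.json.mgmt.resourceserver.*` and `org.hamcrest.Matchers.*`. This hides which model classes and matchers the test depends on, and can later pull in a clashing name without any import line changing. I would keep them explicit, listing `AuthorizationDetails`, `EncryptionKey`, `ResourceServer`, `Scope` and `TokenEncryption`, plus the static matchers the visible hunks use (`containsInAnyOrder`, `containsString`, `hasSize`, `is`, `notNullValue`). The JsonMatcher message fix on the same line is fine as it stands.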
@@ -32,6 +32,16 @@ public void deserialize() throws Exception { assertThat(deserialized.getTokenDialect(), is("access_token")); assertThat(deserialized.getTokenLifetime(), is(86400)); assertThat(deserialized.getVerificationLocation(), is("verification_location")); + assertThat(deserialized.getConsentPolicy(), is("transactional-authorization-with-mfa")); + assertThat(deserialized.getAuthorizationDetails(), is(notNullValue())); + assertThat(deserialized.getAuthorizationDetails().size(), is(2)); + assertThat(deserialized.getAuthorizationDetails().stream().map(AuthorizationDetails::getType).collect(Collectors.toList()), containsInAnyOrder("payment", "my custom type")); + assertThat(deserialized.getTokenEncryption(), notNullValue()); + assertThat(deserialized.getTokenEncryption().getFormat(), is("compact-nested-jwe")); + assertThat(deserialized.getTokenEncryption().getEncryptionKey().getAlg(), is("RSA-OAEP-256")); + assertThat(deserialized.getTokenEncryption().getEncryptionKey().getKid(), is("my kid")); + assertThat(deserialized.getTokenEncryption().getEncryptionKey().getName(), is("my JWE public key")); + assertThat(deserialized.getTokenEncryption().getEncryptionKey().getThumbprintSha256(), is("thumbprint")); } @Test 
@@ -56,9 +66,22 @@ public void serialize() throws Exception { entity.setTokenLifetime(86400); entity.setTokenDialect("access_token_authz"); entity.setVerificationLocation("verification_location"); + entity.setConsentPolicy("transactional-authorization-with-mfa"); + AuthorizationDetails authorizationDetails1 = new AuthorizationDetails("type1"); + AuthorizationDetails authorizationDetails2 = new AuthorizationDetails("type2"); + entity.setAuthorizationDetails(Arrays.asList(authorizationDetails1, authorizationDetails2)); + EncryptionKey encryptionKey = new EncryptionKey(); + encryptionKey.setName("name"); + encryptionKey.setAlg("alg"); + encryptionKey.setKid("kid"); + encryptionKey.setPem("pem"); + TokenEncryption tokenEncryption = new TokenEncryption("format", encryptionKey); + entity.setTokenEncryption(tokenEncryption); String json = toJSON(entity); + System.out.println(json); + assertThat(json, hasEntry("id", "23445566abab")); assertThat(json, hasEntry("name", "Some API")); assertThat(json, hasEntry("identifier", "https://api.my-company.com/api/v2/")); @@ -70,5 +93,8 @@ public void serialize() throws Exception { assertThat(json, hasEntry("token_lifetime", 86400)); assertThat(json, hasEntry("token_dialect", "access_token_authz")); assertThat(json, hasEntry("verification_location", "verification_location")); + assertThat(json, hasEntry("consent_policy", "transactional-authorization-with-mfa")); + assertThat(json, hasEntry("authorization_details", notNullValue())); + assertThat(json, hasEntry("token_encryption", containsString("{\"format\":\"format\",\"encryption_key\":{\"name\":\"name\",\"alg\":\"alg\",\"pem\":\"pem\",\"kid\":\"kid\"}}"))); } } diff --git a/src/test/java/com/auth0/json/mgmt/client/ClientTest.java b/src/test/java/com/auth0/json/mgmt/client/ClientTest.java index ca2832e9..307f82b8 100644 --- a/src/test/java/com/auth0/json/mgmt/client/ClientTest.java +++ b/src/test/java/com/auth0/json/mgmt/client/ClientTest.java 
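Review bot: `System.out.println(json);` right after `String json = toJSON(entity);` looks like leftover debugging and should be removed. It prints the whole serialized resource server, including the `token_encryption` key's `pem` value, to the build log on every run. The assertions that follow already check the content. The body of `serialize()` starts outside this hunk. The `token_encryption` assertion in the next hunk matches on an exact field order in the JSON string, which will break if the fields in EncryptionKey are ever reordered.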
@@ -5,7 +5,9 @@ import org.hamcrest.collection.IsMapContaining; import org.junit.jupiter.api.Test; +import java.time.Instant; import java.util.Collections; +import java.util.Date; import java.util.List; import java.util.Map; @@ -97,12 +99,43 @@ public class ClientTest extends JsonTest { " \"id\": \"cred_123\"\n" + " }\n" + " ]\n" + + " },\n" + + " \"self_signed_tls_client_auth\": {\n" + + " \"credentials\": [\n" + + " {\n" + + " \"id\": \"cred_id\"\n" + + " }\n" + + " ]\n" + + " },\n" + + " \"tls_client_auth\": {\n" + + " \"credentials\": [\n" + + " {\n" + + " \"id\": \"cred_id\",\n" + + " \"credential_type\": \"cert_subject_dn\",\n" + + " \"name\": \"My cA mtls credential\",\n" + + " \"subject_dn\": \"subject dn\"\n" + + " }\n" + + " ]\n" + " }\n" + " },\n" + " \"require_pushed_authorization_requests\": true,\n" + " \"oidc_backchannel_logout\": {\n" + " \"backchannel_logout_urls\": [\"http://acme.eu.auth0.com/events\"]\n" + - " }\n" + + " },\n" + + " \"signed_request_object\": {\n" + + " \"credentials\": [\n" + + " {\n" + + " \"id\": \"cred_id\",\n" + + " \"credential_type\": \"public_key\",\n" + + " \"kid\": \"cred_kid\",\n" + + " \"alg\": \"RS256\",\n" + + " \"name\": \"My JAR credential\",\n" + + " \"created_at\": \"2024-03-14T11:34:28.893Z\",\n" + + " \"updated_at\": \"2024-03-14T11:34:28.893Z\"\n" + + " }\n" + + " ]\n" + + " },\n" + + " \"compliance_level\": \"fapi1_adv_pkj_par\"\n" + "}"; @Test 
@@ -146,13 +179,39 @@ public void shouldSerialize() throws Exception { client.setRefreshToken(refreshToken); client.setOrganizationUsage("require"); client.setOrganizationRequireBehavior("pre_login_prompt"); + Credential credential = new Credential("public_key", "PEM"); PrivateKeyJwt privateKeyJwt = new PrivateKeyJwt(Collections.singletonList(credential)); - ClientAuthenticationMethods cam = new ClientAuthenticationMethods(privateKeyJwt); + + Credential selfSignedCredential = new Credential(); + selfSignedCredential.setName("mtls credential"); + selfSignedCredential.setCredentialType("x509_cert"); + selfSignedCredential.setPem("pem"); + SelfSignedTLSClientAuth selfSignedTLSClientAuth = new SelfSignedTLSClientAuth(Collections.singletonList(selfSignedCredential)); + + Credential tlsCredential = new Credential(); + tlsCredential.setName("My cA mtls credential"); + tlsCredential.setSubjectDn("subject dn"); + tlsCredential.setCredentialType("cert_subject_dn"); + TLSClientAuth tlsClientAuth = new TLSClientAuth(Collections.singletonList(tlsCredential)); + + ClientAuthenticationMethods cam = new ClientAuthenticationMethods(privateKeyJwt, selfSignedTLSClientAuth, tlsClientAuth); + client.setClientAuthenticationMethods(cam); client.setRequiresPushedAuthorizationRequests(true); client.setOidcBackchannelLogout(new OIDCBackchannelLogout(Collections.singletonList("http://acme.eu.auth0.com/events"))); + // HRI configuration + Credential signedRequestCredential = new Credential(); + signedRequestCredential.setName("cred name"); + signedRequestCredential.setCredentialType("public_key"); + signedRequestCredential.setPem("pem"); + SignedRequest signedRequest = new SignedRequest(); + signedRequest.setRequired(true); + signedRequest.setCredentials(Collections.singletonList(signedRequestCredential)); + client.setSignedRequest(signedRequest); + client.setComplianceLevel("fapi1_adv_pkj_par"); + String serialized = toJSON(client); assertThat(serialized, is(notNullValue())); 
@@ -186,9 +245,12 @@ public void shouldSerialize() throws Exception { assertThat(serialized, JsonMatcher.hasEntry("organization_usage", "require")); assertThat(serialized, JsonMatcher.hasEntry("organization_require_behavior", "pre_login_prompt")); assertThat(serialized, JsonMatcher.hasEntry("client_authentication_methods", notNullValue())); - assertThat(serialized, JsonMatcher.hasEntry("client_authentication_methods", containsString("{\"private_key_jwt\":{\"credentials\":[{\"credential_type\":\"public_key\",\"pem\":\"PEM\"}]}}"))); + // but: was "{"name":"name","description":"description","client_secret":"secret","app_type":"type","logo_uri":"uri","is_first_party":true,"oidc_conformant":true,"callbacks":["value"],"allowed_origins":["value"],"web_origins":["value"],"grant_types":["value"],"client_aliases":["value"],"allowed_clients":["value"],"allowed_logout_urls":["value"],"jwt_configuration":{"lifetime_in_seconds":100,"scopes":"openid","alg":"alg"},"encryption_key":{"pub":"pub","cert":"cert"},"sso":true,"sso_disabled":true,"custom_login_page_on":true,"initiate_login_uri":"https://appzero.com/login","custom_login_page":"custom","custom_login_page_preview":"preview","form_template":"template","addons":{"rms":{},"mscrm":{},"slack":{},"layer":{}},"token_endpoint_auth_method":"method","client_metadata":{"key":"value"},"mobile":{"android":{"app_package_name":"pkg","sha256_cert_fingerprints":["256"]},"ios":{"team_id":"team","app_bundle_identifier":"id"}},"refresh_token":{},"organization_usage":"require","organization_require_behavior":"pre_login_prompt","client_authentication_methods":{"private_key_jwt":{"credentials":[{"credential_type":"public_key","pem":"PEM"}]},"self_signed_tls_client_auth":{"credentials":[{"credential_type":"x509_cert","name":"mtls credential","pem":"pem"}]},"tls_client_auth":{"credentials":[{"credential_type":"cert_subject_dn","name":"My cA mtls credential","subject_dn":"subject 
dn"}]}},"require_pushed_authorization_requests":true,"oidc_backchannel_logout":{"backchannel_logout_urls":["http://acme.eu.auth0.com/events"]},"signed_request_object":{"required":true,"credentials":[{"credential_type":"public_key","name":"cred name","pem":"pem"}]},"compliance_level":"fapi1_adv_pkj_par"}" + assertThat(serialized, JsonMatcher.hasEntry("client_authentication_methods", containsString("{\"private_key_jwt\":{\"credentials\":[{\"credential_type\":\"public_key\",\"pem\":\"PEM\"}]},\"self_signed_tls_client_auth\":{\"credentials\":[{\"credential_type\":\"x509_cert\",\"name\":\"mtls credential\",\"pem\":\"pem\"}]},\"tls_client_auth\":{\"credentials\":[{\"credential_type\":\"cert_subject_dn\",\"name\":\"My cA mtls credential\",\"subject_dn\":\"subject dn\"}]}}"))); assertThat(serialized, JsonMatcher.hasEntry("require_pushed_authorization_requests", true)); assertThat(serialized, JsonMatcher.hasEntry("oidc_backchannel_logout", containsString("{\"backchannel_logout_urls\":[\"http://acme.eu.auth0.com/events\"]}"))); + assertThat(serialized, JsonMatcher.hasEntry("signed_request_object", containsString("{\"required\":true,\"credentials\":[{\"credential_type\":\"public_key\",\"name\":\"cred name\",\"pem\":\"pem\"}]}"))); + assertThat(serialized, JsonMatcher.hasEntry("compliance_level", "fapi1_adv_pkj_par")); } @Test 
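Review bot: The `// but: was "{…}"` line added above the `client_authentication_methods` assertion is a pasted Hamcrest mismatch message, not a comment about the test, and should be removed. It puts the entire serialized client, including the `client_secret` test value, into the source as one very long line, and it will go stale as soon as any field changes. The rewritten `containsString` assertion directly below already states the expected fragment. `shouldSerialize()` starts outside this hunk.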
@@ -239,8 +301,31 @@ public void shouldDeserialize() throws Exception {
 assertThat(client.getClientAuthenticationMethods().getPrivateKeyJwt().getCredentials().size(), is(2));
 assertThat(client.getClientAuthenticationMethods().getPrivateKeyJwt().getCredentials().get(0).getId(), is("cred_abc"));
 assertThat(client.getClientAuthenticationMethods().getPrivateKeyJwt().getCredentials().get(1).getId(), is("cred_123"));
+ assertThat(client.getClientAuthenticationMethods().getSelfSignedTLSClientAuth(), is(notNullValue()));
+ assertThat(client.getClientAuthenticationMethods().getSelfSignedTLSClientAuth().getCredentials(), is(notNullValue()));
+ assertThat(client.getClientAuthenticationMethods().getSelfSignedTLSClientAuth().getCredentials().size(), is(1));
+ assertThat(client.getClientAuthenticationMethods().getSelfSignedTLSClientAuth().getCredentials().get(0).getId(), is("cred_id"));
+ assertThat(client.getClientAuthenticationMethods().getTlsClientAuth(), is(notNullValue()));
+ assertThat(client.getClientAuthenticationMethods().getTlsClientAuth().getCredentials(), is(notNullValue()));
+ assertThat(client.getClientAuthenticationMethods().getTlsClientAuth().getCredentials().size(), is(1));
+ assertThat(client.getClientAuthenticationMethods().getTlsClientAuth().getCredentials().get(0).getId(), is("cred_id"));
+ assertThat(client.getClientAuthenticationMethods().getTlsClientAuth().getCredentials().get(0).getName(), is("My cA mtls credential"));
+ assertThat(client.getClientAuthenticationMethods().getTlsClientAuth().getCredentials().get(0).getSubjectDn(), is("subject dn"));
+ assertThat(client.getClientAuthenticationMethods().getTlsClientAuth().getCredentials().get(0).getCredentialType(), is("cert_subject_dn"));
 assertThat(client.getRequiresPushedAuthorizationRequests(), is(true));
 assertThat(client.getOidcBackchannelLogout().getBackchannelLogoutUrls().size(), is(1));
+
+ assertThat(client.getComplianceLevel(), is("fapi1_adv_pkj_par"));
+ assertThat(client.getSignedRequest(), is(notNullValue()));
+ assertThat(client.getSignedRequest().getCredentials(), is(notNullValue()));
+ assertThat(client.getSignedRequest().getCredentials().size(), is(1));
+ assertThat(client.getSignedRequest().getCredentials().get(0).getId(), is("cred_id"));
+ assertThat(client.getSignedRequest().getCredentials().get(0).getCredentialType(), is("public_key"));
+ assertThat(client.getSignedRequest().getCredentials().get(0).getKid(), is("cred_kid"));
+ assertThat(client.getSignedRequest().getCredentials().get(0).getAlg(), is("RS256"));
+ assertThat(client.getSignedRequest().getCredentials().get(0).getName(), is("My JAR credential"));
+ assertThat(client.getSignedRequest().getCredentials().get(0).getCreatedAt(), is(Date.from(Instant.parse("2024-03-14T11:34:28.893Z"))));
+ assertThat(client.getSignedRequest().getCredentials().get(0).getUpdatedAt(), is(Date.from(Instant.parse("2024-03-14T11:34:28.893Z"))));
 }
 @Test
diff --git a/src/test/java/com/auth0/json/mgmt/tenants/TenantTest.java b/src/test/java/com/auth0/json/mgmt/tenants/TenantTest.java
index ada9eb7f..b923d584 100644
--- a/src/test/java/com/auth0/json/mgmt/tenants/TenantTest.java
+++ b/src/test/java/com/auth0/json/mgmt/tenants/TenantTest.java
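Review bot: The new `signed_request_object` assertions in shouldDeserialize check the credential metadata but never the `required` flag, which presumably controls whether the client must send signed request objects. shouldSerialize pins `"required":true`, so that field is only tested in one direction. An assertion on it should be added (the accessor lives in SignedRequest, which is not shown here), and the JSON being parsed needs to carry `required`; the client.json fixture later in this diff has no such key under `signed_request_object`. The self-signed mTLS credential is likewise checked only by id, while the `tls_client_auth` credential is checked by name, subject DN and type. The JSON this test parses is defined outside the hunk.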
@@ -12,7 +12,7 @@ public class TenantTest extends JsonTest { - private static final String json = "{\"change_password\":{},\"guardian_mfa_page\":{},\"default_audience\":\"https://domain.auth0.com/myapi\",\"default_directory\":\"Username-Password-Authentication\",\"error_page\":{},\"flags\":{},\"friendly_name\":\"My-Tenant\",\"picture_url\":\"https://pic.to/123\",\"support_email\":\"support@auth0.com\",\"support_url\":\"https://support.auth0.com\",\"allowed_logout_urls\":[\"https://domain.auth0.com/logout\"], \"session_lifetime\":24, \"idle_session_lifetime\":0.5, \"session_cookie\":{\"mode\": \"persistent\"}}"; + private static final String json = "{\"change_password\":{},\"guardian_mfa_page\":{},\"default_audience\":\"https://domain.auth0.com/myapi\",\"default_directory\":\"Username-Password-Authentication\",\"error_page\":{},\"flags\":{},\"friendly_name\":\"My-Tenant\",\"picture_url\":\"https://pic.to/123\",\"support_email\":\"support@auth0.com\",\"support_url\":\"https://support.auth0.com\",\"allowed_logout_urls\":[\"https://domain.auth0.com/logout\"], \"session_lifetime\":24, \"idle_session_lifetime\":0.5, \"session_cookie\":{\"mode\": \"persistent\"}, \"acr_values_supported\":[\"string1\",\"string2\"], \"pushed_authorization_requests_supported\": true, \"remove_alg_from_jwks\": true, \"mtls\": {\"enable_endpoint_aliases\": true}}"; @Test @@ -32,6 +32,12 @@ public void shouldSerialize() throws Exception { tenant.setSessionLifetime(48); tenant.setIdleSessionLifetime(0); tenant.setSessionCookie(new SessionCookie("persistent")); + tenant.setAcrValuesSupported(Collections.singletonList("supported acr value")); + tenant.setPushedAuthorizationRequestsSupported(true); + tenant.setRemoveAlgFromJwks(true); + Mtls mtls = new Mtls(); + mtls.setEnableEndpointAliases(true); + tenant.setMtls(mtls); String serialized = toJSON(tenant); assertThat(serialized, is(notNullValue())); 
@@ -50,6 +56,10 @@ public void shouldSerialize() throws Exception {
 assertThat(serialized, JsonMatcher.hasEntry("session_lifetime", 48));
 assertThat(serialized, JsonMatcher.hasEntry("idle_session_lifetime", 0));
 assertThat(serialized, JsonMatcher.hasEntry("session_cookie", notNullValue()));
+ assertThat(serialized, JsonMatcher.hasEntry("acr_values_supported", Collections.singletonList("supported acr value")));
+ assertThat(serialized, JsonMatcher.hasEntry("pushed_authorization_requests_supported", true));
+ assertThat(serialized, JsonMatcher.hasEntry("remove_alg_from_jwks", true));
+ assertThat(serialized, JsonMatcher.hasEntry("enable_endpoint_aliases", notNullValue()));
 }
 @Test
@@ -72,6 +82,11 @@ public void shouldDeserialize() throws Exception {
 assertThat(tenant.getIdleSessionLifetime(), is(0));
 assertThat(tenant.getSessionCookie(), is(notNullValue()));
 assertThat(tenant.getSessionCookie().getMode(), is("persistent"));
+ assertThat(tenant.getAcrValuesSupported(), contains("string1", "string2"));
+ assertThat(tenant.getPushedAuthorizationRequestsSupported(), is(true));
+ assertThat(tenant.getRemoveAlgFromJwks(), is(true));
+ assertThat(tenant.getMtls(), is(notNullValue()));
+ assertThat(tenant.getMtls().getEnableEndpointAliases(), is(true));
 }
 }
diff --git a/src/test/resources/mgmt/client.json b/src/test/resources/mgmt/client.json
index 70fd3095..daca48ca 100644
--- a/src/test/resources/mgmt/client.json
+++ b/src/test/resources/mgmt/client.json
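Review bot: `JsonMatcher.hasEntry("enable_endpoint_aliases", notNullValue())` in shouldSerialize is weaker than the three assertions added before it: it checks neither that the value is `true` nor that the key sits under `mtls`, and `mtls` itself is never asserted. Something like `assertThat(serialized, JsonMatcher.hasEntry("mtls", containsString("{\"enable_endpoint_aliases\":true}")));` would match how ClientTest checks nested objects, assuming `containsString` is imported in TenantTest. How JsonMatcher resolves a nested key is not visible here, so the current line may pass or fail depending on a matcher implementation detail. shouldSerialize starts outside this hunk.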
@@ -65,6 +65,30 @@ "credentials": [ { "id": "cred_abc" }] + }, + "self_signed_tls_client_auth": { + "credentials": [ { + "id": "cred_123" + }] + }, + "tls_client_auth": { + "credentials": [ { + "id": "cred_789" + }] } - } + }, + "signed_request_object": { + "credentials": [ + { + "id": "cred_id", + "credential_type": "public_key", + "kid": "cred_kid", + "alg": "RS256", + "name": "My JAR credential", + "created_at": "2024-03-14T11:34:28.893Z", + "updated_at": "2024-03-14T11:34:28.893Z" + } + ] + }, + "compliance_level": "fapi1_adv_pkj_par" } diff --git a/src/test/resources/mgmt/resource_server.json b/src/test/resources/mgmt/resource_server.json index 1a84daae..a383d78f 100644 --- a/src/test/resources/mgmt/resource_server.json +++ b/src/test/resources/mgmt/resource_server.json @@ -21,5 +21,20 @@ } ], "is_system": true, - "enforce_policies": false -} \ No newline at end of file + "enforce_policies": false, + "consent_policy": "transactional-authorization-with-mfa", + "authorization_details": [{ + "type": "payment" + }, { + "type": "my custom type" + }], + "token_encryption": { + "format": "compact-nested-jwe", + "encryption_key": { + "name": "my JWE public key", + "kid": "my kid", + "alg": "RSA-OAEP-256", + "thumbprint_sha256": "thumbprint" + } + } +} diff --git a/src/test/resources/mgmt/tenant.json b/src/test/resources/mgmt/tenant.json index f7938169..66195f79 100644 --- a/src/test/resources/mgmt/tenant.json +++ b/src/test/resources/mgmt/tenant.json @@ -32,5 +32,11 @@ ], "session_cookie": { "mode": "persistent" + }, + "acr_values_supported": ["string1", "string2"], + "pushed_authorization_requests_supported": true, + "remove_alg_from_jwks": true, + "mtls": { + "enable_endpoint_aliases": true } }