Examples of com.nimbusds.oauth2.sdk.http.HTTPResponse

• com.nimbusds.oauth2.sdk.http.HTTPResponse
  HTTP response with support for the parameters required to construct an {@link com.nimbusds.oauth2.sdk.Response OAuth 2.0 response message}.

  Provided HTTP status code constants:

  • {@link #SC_OK HTTP 200 OK}
  • {@link #SC_CREATED HTTP 201 Created}
  • {@link #SC_FOUND HTTP 302 Redirect}
  • {@link #SC_BAD_REQUEST HTTP 400 Bad request}
  • {@link #SC_UNAUTHORIZED HTTP 401 Unauthorized}
  • {@link #SC_FORBIDDEN HTTP 403 Forbidden}
  • {@link #SC_SERVER_ERROR HTTP 500 Server error}

  Supported response headers:

  • Location
  • Content-Type
  • Cache-Control
  • Pragma
  • Www-Authenticate

    assertEquals("def456", response.getRefreshToken().getValue());
    assertEquals(ID_TOKEN_STRING, response.getIDTokenString());
    assertEquals(ID_TOKEN_STRING, response.getIDToken().serialize());
    assertTrue(response.getCustomParams().isEmpty());

    HTTPResponse httpResponse = response.toHTTPResponse();

    response = OIDCAccessTokenResponse.parse(httpResponse);

    assertEquals("abc123", response.getAccessToken().getValue());
    assertEquals("def456", response.getRefreshToken().getValue());

    assertEquals(ID_TOKEN_STRING, response.getIDToken().serialize());
    assertEquals("abc", (String)response.getCustomParams().get("sub_sid"));
    assertEquals(10, ((Number)response.getCustomParams().get("priority")).intValue());
    assertEquals(2, response.getCustomParams().size());

    HTTPResponse httpResponse = response.toHTTPResponse();

    response = OIDCAccessTokenResponse.parse(httpResponse);

    assertEquals("abc123", response.getAccessToken().getValue());
    assertEquals("def456", response.getRefreshToken().getValue());

    assertEquals(OAuth2Error.INVALID_REQUEST.getCode(), params.get("error"));
    assertEquals(OAuth2Error.INVALID_REQUEST.getDescription(), params.get("error_description"));
    assertEquals(state.toString(), params.get("state"));
    assertEquals(3, params.size());

    HTTPResponse httpResponse = r.toHTTPResponse();

    assertEquals(HTTPResponse.SC_FOUND, httpResponse.getStatusCode());
    assertEquals(location, httpResponse.getLocation());

    r = AuthorizationErrorResponse.parse(httpResponse);

    assertEquals(REDIRECT_URI, r.getRedirectionURI());
    assertEquals(OAuth2Error.INVALID_REQUEST, r.getErrorObject());

    assertEquals(claims, response.getUserInfo());
    assertEquals("application/json; charset=UTF-8", response.getContentType().toString());
    assertNull(response.getUserInfoJWT());

    HTTPResponse httpResponse = response.toHTTPResponse();

    response = UserInfoSuccessResponse.parse(httpResponse);

    assertEquals("application/json; charset=UTF-8", response.getContentType().toString());
    assertNull(response.getUserInfoJWT());

    assertEquals(jwt, response.getUserInfoJWT());
    assertEquals("application/jwt; charset=UTF-8", response.getContentType().toString());
    assertNull(response.getUserInfo());

    HTTPResponse httpResponse = response.toHTTPResponse();

    response = UserInfoSuccessResponse.parse(httpResponse);

    assertEquals("application/jwt; charset=UTF-8", response.getContentType().toString());
    assertNull(response.getUserInfo());

  public void testParseFull()
    throws Exception {

    HTTPResponse httpResponse = new HTTPResponse(403);
    httpResponse.setContentType(CommonContentTypes.APPLICATION_JSON);
    JSONObject jsonObject = new JSONObject();
    jsonObject.put("error", "access_denied");
    jsonObject.put("error_description", "Access denied");
    jsonObject.put("error_uri", "https://c2id.com/errors/access_denied");

    httpResponse.setContent(jsonObject.toJSONString());

    ErrorObject errorObject = ErrorObject.parse(httpResponse);

    assertEquals(403, errorObject.getHTTPStatusCode());
    assertEquals("access_denied", errorObject.getCode());

  public void testParseWithOmittedURI()
    throws Exception {

    HTTPResponse httpResponse = new HTTPResponse(403);
    httpResponse.setContentType(CommonContentTypes.APPLICATION_JSON);
    JSONObject jsonObject = new JSONObject();
    jsonObject.put("error", "access_denied");
    jsonObject.put("error_description", "Access denied");

    httpResponse.setContent(jsonObject.toJSONString());

    ErrorObject errorObject = ErrorObject.parse(httpResponse);

    assertEquals(403, errorObject.getHTTPStatusCode());
    assertEquals("access_denied", errorObject.getCode());

  public void testParseWithCodeOnly()
    throws Exception {

    HTTPResponse httpResponse = new HTTPResponse(403);
    httpResponse.setContentType(CommonContentTypes.APPLICATION_JSON);
    JSONObject jsonObject = new JSONObject();
    jsonObject.put("error", "access_denied");

    httpResponse.setContent(jsonObject.toJSONString());

    ErrorObject errorObject = ErrorObject.parse(httpResponse);

    assertEquals(403, errorObject.getHTTPStatusCode());
    assertEquals("access_denied", errorObject.getCode());

  public void testParseNone()
    throws Exception {

    HTTPResponse httpResponse = new HTTPResponse(403);

    ErrorObject errorObject = ErrorObject.parse(httpResponse);

    assertEquals(403, errorObject.getHTTPStatusCode());
    assertNull(errorObject.getCode());

    assertEquals(STATE, new State(params.get("state")));
    assertEquals(2, params.size());

    URI uri = resp.toURI();

    HTTPResponse httpResponse = resp.toHTTPResponse();
    assertEquals(302, httpResponse.getStatusCode());
    assertEquals(uri.toString(), httpResponse.getLocation().toString());

    resp = AuthorizationSuccessResponse.parse(httpResponse);

    assertEquals(ABS_REDIRECT_URI, resp.getRedirectionURI());
    assertEquals(CODE, resp.getAuthorizationCode());