authlete 1.2.0 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/authlete/model/client.rb +173 -144
- data/lib/authlete/model/service.rb +251 -216
- data/lib/authlete/version.rb +1 -1
- data/test/authlete/model/test_client-extension.rb +0 -2
- data/test/authlete/model/test_client.rb +416 -388
- data/test/authlete/model/test_named-uri.rb +0 -2
- data/test/authlete/model/test_pair.rb +0 -2
- data/test/authlete/model/test_property.rb +0 -2
- data/test/authlete/model/test_scope.rb +1 -3
- data/test/authlete/model/test_service.rb +477 -446
- metadata +2 -2
data/lib/authlete/version.rb
CHANGED
|
@@ -21,177 +21,189 @@ require 'minitest/autorun'
|
|
|
21
21
|
|
|
22
22
|
|
|
23
23
|
class ClientTest < Minitest::Test
|
|
24
|
-
NUMBER
|
|
25
|
-
SERVICE_NUMBER
|
|
26
|
-
DEVELOPER
|
|
27
|
-
CLIENT_ID
|
|
28
|
-
CLIENT_ID_ALIAS
|
|
29
|
-
CLIENT_ID_ALIAS_ENABLED
|
|
30
|
-
CLIENT_SECRET
|
|
31
|
-
CLIENT_TYPE
|
|
32
|
-
REDIRECT_URIS
|
|
33
|
-
RESPONSE_TYPES
|
|
34
|
-
GRANT_TYPES
|
|
35
|
-
APPLICATION_TYPE
|
|
36
|
-
CONTACTS
|
|
37
|
-
CLIENT_NAME
|
|
38
|
-
CLIENT_NAME_TAG
|
|
39
|
-
CLIENT_NAME_VALUE
|
|
40
|
-
CLIENT_NAMES
|
|
41
|
-
LOGO_URI
|
|
42
|
-
LOGO_URI_TAG
|
|
43
|
-
LOGO_URI_VALUE
|
|
44
|
-
LOGO_URIS
|
|
45
|
-
CLIENT_URI
|
|
46
|
-
CLIENT_URI_TAG
|
|
47
|
-
CLIENT_URI_VALUE
|
|
48
|
-
CLIENT_URIS
|
|
49
|
-
POLICY_URI
|
|
50
|
-
POLICY_URI_TAG
|
|
51
|
-
POLICY_URI_VALUE
|
|
52
|
-
POLICY_URIS
|
|
53
|
-
TOS_URI
|
|
54
|
-
TOS_URI_TAG
|
|
55
|
-
TOS_URI_VALUE
|
|
56
|
-
TOS_URIS
|
|
57
|
-
JWKS_URI
|
|
58
|
-
JWKS
|
|
59
|
-
DERIVED_SECTOR_IDENTIFIER
|
|
60
|
-
SECTOR_IDENTIFIER_URI
|
|
61
|
-
SUBJECT_TYPE
|
|
62
|
-
ID_TOKEN_SIGN_ALG
|
|
63
|
-
ID_TOKEN_ENCRYPTION_ALG
|
|
64
|
-
ID_TOKEN_ENCRYPTION_ENC
|
|
65
|
-
USER_INFO_SIGN_ALG
|
|
66
|
-
USER_INFO_ENCRYPTION_ALG
|
|
67
|
-
USER_INFO_ENCRYPTION_ENC
|
|
68
|
-
REQUEST_SIGN_ALG
|
|
69
|
-
REQUEST_ENCRYPTION_ALG
|
|
70
|
-
REQUEST_ENCRYPTION_ENC
|
|
71
|
-
TOKEN_AUTH_METHOD
|
|
72
|
-
TOKEN_AUTH_SIGN_ALG
|
|
73
|
-
DEFAULT_MAX_AGE
|
|
74
|
-
DEFAULT_ACRS
|
|
75
|
-
AUTH_TIME_REQUIRED
|
|
76
|
-
LOGIN_URI
|
|
77
|
-
REQUEST_URIS
|
|
78
|
-
DESCRIPTION
|
|
79
|
-
DESCRIPTION_TAG
|
|
80
|
-
DESCRIPTION_VALUE
|
|
81
|
-
DESCRIPTIONS
|
|
82
|
-
CREATED_AT
|
|
83
|
-
MODIFIED_AT
|
|
84
|
-
REQUESTABLE_SCOPES
|
|
85
|
-
REQUESTABLE_SCOPES_ENABLED
|
|
86
|
-
ACCESS_TOKEN_DURATION
|
|
87
|
-
REFRESH_TOKEN_DURATION
|
|
88
|
-
EXTENSION
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
TLS_CLIENT_AUTH_SUBJECT_DN
|
|
95
|
-
TLS_CLIENT_AUTH_SAN_DNS
|
|
96
|
-
TLS_CLIENT_AUTH_SAN_URI
|
|
97
|
-
TLS_CLIENT_AUTH_SAN_IP
|
|
98
|
-
TLS_CLIENT_AUTH_SAN_EMAIL
|
|
99
|
-
TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS
|
|
100
|
-
SELF_SIGNED_CERTIFICATE_KEY_ID
|
|
101
|
-
SOFTWARE_ID
|
|
102
|
-
SOFTWARE_VERSION
|
|
103
|
-
AUTHORIZATION_SIGN_ALG
|
|
104
|
-
AUTHORIZATION_ENCRYPTION_ALG
|
|
105
|
-
AUTHORIZATION_ENCRYPTION_ENC
|
|
106
|
-
BC_DELIVERY_MODE
|
|
107
|
-
BC_NOTIFICATION_ENDPOINT
|
|
108
|
-
BC_REQUEST_SIGN_ALG
|
|
109
|
-
BC_USER_CODE_REQUIRED
|
|
110
|
-
DYNAMICALLY_REGISTERED
|
|
111
|
-
REGISTRATION_ACCESS_TOKEN_HASH
|
|
112
|
-
|
|
113
|
-
PAR_REQUIRED
|
|
114
|
-
REQUEST_OBJECT_REQUIRED
|
|
24
|
+
NUMBER = 100
|
|
25
|
+
SERVICE_NUMBER = 1000
|
|
26
|
+
DEVELOPER = '<developer>'
|
|
27
|
+
CLIENT_ID = 12345
|
|
28
|
+
CLIENT_ID_ALIAS = '<client-id-alias>'
|
|
29
|
+
CLIENT_ID_ALIAS_ENABLED = true
|
|
30
|
+
CLIENT_SECRET = '<client-secret>'
|
|
31
|
+
CLIENT_TYPE = 'PUBLIC'
|
|
32
|
+
REDIRECT_URIS = [ '<redirect-uri0>', '<redirect-uri1>' ]
|
|
33
|
+
RESPONSE_TYPES = [ 'NONE', 'CODE', 'TOKEN', 'ID_TOKEN' ]
|
|
34
|
+
GRANT_TYPES = [ 'AUTHORIZATION_CODE', 'REFRESH_TOKEN' ]
|
|
35
|
+
APPLICATION_TYPE = 'WEB'
|
|
36
|
+
CONTACTS = [ '<contact0>', '<contact1>' ]
|
|
37
|
+
CLIENT_NAME = '<client-name>'
|
|
38
|
+
CLIENT_NAME_TAG = '<client-name0-tag>'
|
|
39
|
+
CLIENT_NAME_VALUE = '<client-name0-value>'
|
|
40
|
+
CLIENT_NAMES = [ Authlete::Model::TaggedValue.new(tag: CLIENT_NAME_TAG, value: CLIENT_NAME_VALUE) ]
|
|
41
|
+
LOGO_URI = '<logo-uri>'
|
|
42
|
+
LOGO_URI_TAG = '<logo-uri0-tag>'
|
|
43
|
+
LOGO_URI_VALUE = '<logo-uri0-value>'
|
|
44
|
+
LOGO_URIS = [ Authlete::Model::TaggedValue.new(tag: LOGO_URI_TAG, value: LOGO_URI_VALUE) ]
|
|
45
|
+
CLIENT_URI = '<client-uri>'
|
|
46
|
+
CLIENT_URI_TAG = '<client-uri0-tag>'
|
|
47
|
+
CLIENT_URI_VALUE = '<client-uri0-value>'
|
|
48
|
+
CLIENT_URIS = [ Authlete::Model::TaggedValue.new(tag: CLIENT_URI_TAG, value: CLIENT_URI_VALUE) ]
|
|
49
|
+
POLICY_URI = '<policy-uri>'
|
|
50
|
+
POLICY_URI_TAG = '<policy-uri0-tag>'
|
|
51
|
+
POLICY_URI_VALUE = '<policy-uri0-value>'
|
|
52
|
+
POLICY_URIS = [ Authlete::Model::TaggedValue.new(tag: POLICY_URI_TAG, value: POLICY_URI_VALUE) ]
|
|
53
|
+
TOS_URI = '<tos-uri>'
|
|
54
|
+
TOS_URI_TAG = '<tos-uri0-tag>'
|
|
55
|
+
TOS_URI_VALUE = '<tos-uri0-value>'
|
|
56
|
+
TOS_URIS = [ Authlete::Model::TaggedValue.new(tag: TOS_URI_TAG, value: TOS_URI_VALUE) ]
|
|
57
|
+
JWKS_URI = '<jwks-uri>'
|
|
58
|
+
JWKS = '<jwks>'
|
|
59
|
+
DERIVED_SECTOR_IDENTIFIER = '<derived-sector-identifier>'
|
|
60
|
+
SECTOR_IDENTIFIER_URI = '<sector-identifier-uri>'
|
|
61
|
+
SUBJECT_TYPE = 'PUBLIC'
|
|
62
|
+
ID_TOKEN_SIGN_ALG = 'HS256'
|
|
63
|
+
ID_TOKEN_ENCRYPTION_ALG = 'PBES2_HS256_A128KW'
|
|
64
|
+
ID_TOKEN_ENCRYPTION_ENC = 'A128CBC_HS256'
|
|
65
|
+
USER_INFO_SIGN_ALG = 'HS256'
|
|
66
|
+
USER_INFO_ENCRYPTION_ALG = 'PBES2_HS256_A128KW'
|
|
67
|
+
USER_INFO_ENCRYPTION_ENC = 'A128CBC_HS256'
|
|
68
|
+
REQUEST_SIGN_ALG = 'HS256'
|
|
69
|
+
REQUEST_ENCRYPTION_ALG = 'PBES2_HS256_A128KW'
|
|
70
|
+
REQUEST_ENCRYPTION_ENC = 'A128CBC_HS256'
|
|
71
|
+
TOKEN_AUTH_METHOD = 'CLIENT_SECRET_BASIC'
|
|
72
|
+
TOKEN_AUTH_SIGN_ALG = 'HS256'
|
|
73
|
+
DEFAULT_MAX_AGE = 1000
|
|
74
|
+
DEFAULT_ACRS = [ '<default-acr0>', '<default-acr1>' ]
|
|
75
|
+
AUTH_TIME_REQUIRED = true
|
|
76
|
+
LOGIN_URI = '<login-uri>'
|
|
77
|
+
REQUEST_URIS = [ '<request-uri0>', '<request-uri1>' ]
|
|
78
|
+
DESCRIPTION = '<description>'
|
|
79
|
+
DESCRIPTION_TAG = '<description0-tag>'
|
|
80
|
+
DESCRIPTION_VALUE = '<description0-value>'
|
|
81
|
+
DESCRIPTIONS = [ Authlete::Model::TaggedValue.new(tag: DESCRIPTION_TAG, value: DESCRIPTION_VALUE) ]
|
|
82
|
+
CREATED_AT = 10000
|
|
83
|
+
MODIFIED_AT = 10000
|
|
84
|
+
REQUESTABLE_SCOPES = [ '<requestable-scope0>', '<requestable-scope1>' ]
|
|
85
|
+
REQUESTABLE_SCOPES_ENABLED = true
|
|
86
|
+
ACCESS_TOKEN_DURATION = 10000
|
|
87
|
+
REFRESH_TOKEN_DURATION = 10000
|
|
88
|
+
EXTENSION = Authlete::Model::ClientExtension.new(
|
|
89
|
+
requestableScopes: REQUESTABLE_SCOPES,
|
|
90
|
+
requestableScopesEnabled: REQUESTABLE_SCOPES_ENABLED,
|
|
91
|
+
accessTokenDuration: ACCESS_TOKEN_DURATION,
|
|
92
|
+
refreshTokenDuration: REFRESH_TOKEN_DURATION
|
|
93
|
+
)
|
|
94
|
+
TLS_CLIENT_AUTH_SUBJECT_DN = '<tls-client-auth-subject-dn>'
|
|
95
|
+
TLS_CLIENT_AUTH_SAN_DNS = '<tls-client-auth-san-dns>'
|
|
96
|
+
TLS_CLIENT_AUTH_SAN_URI = '<tls-client-auth-san-uri>'
|
|
97
|
+
TLS_CLIENT_AUTH_SAN_IP = '<tls-client-auth-san-ip>'
|
|
98
|
+
TLS_CLIENT_AUTH_SAN_EMAIL = '<tls-client-auth-san-email>'
|
|
99
|
+
TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS = false
|
|
100
|
+
SELF_SIGNED_CERTIFICATE_KEY_ID = '<self-signed-certificate-key-id>'
|
|
101
|
+
SOFTWARE_ID = '<software-id>'
|
|
102
|
+
SOFTWARE_VERSION = '<software-version>'
|
|
103
|
+
AUTHORIZATION_SIGN_ALG = 'HS256'
|
|
104
|
+
AUTHORIZATION_ENCRYPTION_ALG = 'PBES2_HS256_A128KW'
|
|
105
|
+
AUTHORIZATION_ENCRYPTION_ENC = 'A128CBC_HS256'
|
|
106
|
+
BC_DELIVERY_MODE = 'POLL'
|
|
107
|
+
BC_NOTIFICATION_ENDPOINT = '<bc-notification-endpoint>'
|
|
108
|
+
BC_REQUEST_SIGN_ALG = 'HS256'
|
|
109
|
+
BC_USER_CODE_REQUIRED = true
|
|
110
|
+
DYNAMICALLY_REGISTERED = false
|
|
111
|
+
REGISTRATION_ACCESS_TOKEN_HASH = '<registration-access-token-hash>'
|
|
112
|
+
AUTHORIZATION_DETAILS_TYPES = [ '<authorization-details-type0>', '<authorization-details-type1>' ]
|
|
113
|
+
PAR_REQUIRED = false
|
|
114
|
+
REQUEST_OBJECT_REQUIRED = true
|
|
115
|
+
ATTRIBUTE_KEY = '<attribute0-key>'
|
|
116
|
+
ATTRIBUTE_VALUE = '<attribute0-value>'
|
|
117
|
+
ATTRIBUTES = [ Authlete::Model::Pair.new(key: ATTRIBUTE_KEY, value: ATTRIBUTE_VALUE) ]
|
|
118
|
+
CUSTOM_METADATA = '<custom-metadata>'
|
|
119
|
+
FRONT_CHANNEL_REQUEST_OBJECT_ENCRYPTION_REQUIRED = false
|
|
120
|
+
REQUEST_OBJECT_ENCRYPTION_ALG_MATCH_REQUIRED = false
|
|
121
|
+
REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED = false
|
|
115
122
|
|
|
116
123
|
|
|
117
124
|
def generate_json
|
|
118
125
|
return <<~JSON
|
|
119
126
|
{
|
|
120
|
-
"number":
|
|
121
|
-
"serviceNumber":
|
|
122
|
-
"developer":
|
|
123
|
-
"clientId":
|
|
124
|
-
"clientIdAlias":
|
|
125
|
-
"clientIdAliasEnabled":
|
|
126
|
-
"clientSecret":
|
|
127
|
-
"clientType":
|
|
128
|
-
"redirectUris":
|
|
129
|
-
"responseTypes":
|
|
130
|
-
"grantTypes":
|
|
131
|
-
"applicationType":
|
|
132
|
-
"contacts":
|
|
133
|
-
"clientName":
|
|
134
|
-
"clientNames":
|
|
135
|
-
"logoUri":
|
|
136
|
-
"logoUris":
|
|
137
|
-
"clientUri":
|
|
138
|
-
"clientUris":
|
|
139
|
-
"policyUri":
|
|
140
|
-
"policyUris":
|
|
141
|
-
"tosUri":
|
|
142
|
-
"tosUris":
|
|
143
|
-
"jwksUri":
|
|
144
|
-
"jwks":
|
|
145
|
-
"derivedSectorIdentifier":
|
|
146
|
-
"sectorIdentifierUri":
|
|
147
|
-
"subjectType":
|
|
148
|
-
"idTokenSignAlg":
|
|
149
|
-
"idTokenEncryptionAlg":
|
|
150
|
-
"idTokenEncryptionEnc":
|
|
151
|
-
"userInfoSignAlg":
|
|
152
|
-
"userInfoEncryptionAlg":
|
|
153
|
-
"userInfoEncryptionEnc":
|
|
154
|
-
"requestSignAlg":
|
|
155
|
-
"requestEncryptionAlg":
|
|
156
|
-
"requestEncryptionEnc":
|
|
157
|
-
"tokenAuthMethod":
|
|
158
|
-
"tokenAuthSignAlg":
|
|
159
|
-
"defaultMaxAge":
|
|
160
|
-
"defaultAcrs":
|
|
161
|
-
"authTimeRequired":
|
|
162
|
-
"loginUri":
|
|
163
|
-
"requestUris":
|
|
164
|
-
"description":
|
|
165
|
-
"descriptions":
|
|
166
|
-
"createdAt":
|
|
167
|
-
"modifiedAt":
|
|
168
|
-
"extension":
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
"tlsClientAuthSubjectDn":
|
|
175
|
-
"tlsClientAuthSanDns":
|
|
176
|
-
"tlsClientAuthSanUri":
|
|
177
|
-
"tlsClientAuthSanIp":
|
|
178
|
-
"tlsClientAuthSanEmail":
|
|
179
|
-
"tlsClientCertificateBoundAccessTokens":
|
|
180
|
-
"selfSignedCertificateKeyId":
|
|
181
|
-
"softwareId":
|
|
182
|
-
"softwareVersion":
|
|
183
|
-
"authorizationSignAlg":
|
|
184
|
-
"authorizationEncryptionAlg":
|
|
185
|
-
"authorizationEncryptionEnc":
|
|
186
|
-
"bcDeliveryMode":
|
|
187
|
-
"bcNotificationEndpoint":
|
|
188
|
-
"bcRequestSignAlg":
|
|
189
|
-
"bcUserCodeRequired":
|
|
190
|
-
"dynamicallyRegistered":
|
|
191
|
-
"registrationAccessTokenHash":
|
|
192
|
-
"
|
|
193
|
-
"parRequired":
|
|
194
|
-
"requestObjectRequired":
|
|
127
|
+
"number": 100,
|
|
128
|
+
"serviceNumber": 1000,
|
|
129
|
+
"developer": "<developer>",
|
|
130
|
+
"clientId": 12345,
|
|
131
|
+
"clientIdAlias": "<client-id-alias>",
|
|
132
|
+
"clientIdAliasEnabled": true,
|
|
133
|
+
"clientSecret": "<client-secret>",
|
|
134
|
+
"clientType": "PUBLIC",
|
|
135
|
+
"redirectUris": [ "<redirect-uri0>", "<redirect-uri1>" ],
|
|
136
|
+
"responseTypes": [ "NONE", "CODE", "TOKEN", "ID_TOKEN" ],
|
|
137
|
+
"grantTypes": [ "AUTHORIZATION_CODE", "REFRESH_TOKEN" ],
|
|
138
|
+
"applicationType": "WEB",
|
|
139
|
+
"contacts": [ "<contact0>", "<contact1>" ],
|
|
140
|
+
"clientName": "<client-name>",
|
|
141
|
+
"clientNames": [ { "tag": "<client-name0-tag>", "value": "<client-name0-value>" } ],
|
|
142
|
+
"logoUri": "<logo-uri>",
|
|
143
|
+
"logoUris": [ { "tag": "<logo-uri0-tag>", "value": "<logo-uri0-value>" } ],
|
|
144
|
+
"clientUri": "<client-uri>",
|
|
145
|
+
"clientUris": [ { "tag": "<client-uri0-tag>", "value": "<client-uri0-value>" } ],
|
|
146
|
+
"policyUri": "<policy-uri>",
|
|
147
|
+
"policyUris": [ { "tag": "<policy-uri0-tag>", "value": "<policy-uri0-value>" } ],
|
|
148
|
+
"tosUri": "<tos-uri>",
|
|
149
|
+
"tosUris": [ { "tag": "<tos-uri0-tag>", "value": "<tos-uri0-value>" } ],
|
|
150
|
+
"jwksUri": "<jwks-uri>",
|
|
151
|
+
"jwks": "<jwks>",
|
|
152
|
+
"derivedSectorIdentifier": "<derived-sector-identifier>",
|
|
153
|
+
"sectorIdentifierUri": "<sector-identifier-uri>",
|
|
154
|
+
"subjectType": "PUBLIC",
|
|
155
|
+
"idTokenSignAlg": "HS256",
|
|
156
|
+
"idTokenEncryptionAlg": "PBES2_HS256_A128KW",
|
|
157
|
+
"idTokenEncryptionEnc": "A128CBC_HS256",
|
|
158
|
+
"userInfoSignAlg": "HS256",
|
|
159
|
+
"userInfoEncryptionAlg": "PBES2_HS256_A128KW",
|
|
160
|
+
"userInfoEncryptionEnc": "A128CBC_HS256",
|
|
161
|
+
"requestSignAlg": "HS256",
|
|
162
|
+
"requestEncryptionAlg": "PBES2_HS256_A128KW",
|
|
163
|
+
"requestEncryptionEnc": "A128CBC_HS256",
|
|
164
|
+
"tokenAuthMethod": "CLIENT_SECRET_BASIC",
|
|
165
|
+
"tokenAuthSignAlg": "HS256",
|
|
166
|
+
"defaultMaxAge": 1000,
|
|
167
|
+
"defaultAcrs": [ "<default-acr0>", "<default-acr1>" ],
|
|
168
|
+
"authTimeRequired": true,
|
|
169
|
+
"loginUri": "<login-uri>",
|
|
170
|
+
"requestUris": [ "<request-uri0>", "<request-uri1>" ],
|
|
171
|
+
"description": "<description>",
|
|
172
|
+
"descriptions": [ { "tag": "<description0-tag>", "value": "<description0-value>" } ],
|
|
173
|
+
"createdAt": 10000,
|
|
174
|
+
"modifiedAt": 10000,
|
|
175
|
+
"extension": {
|
|
176
|
+
"requestableScopes": [ "<requestable-scope0>", "<requestable-scope1>" ],
|
|
177
|
+
"requestableScopesEnabled": true,
|
|
178
|
+
"accessTokenDuration": 10000,
|
|
179
|
+
"refreshTokenDuration": 10000
|
|
180
|
+
},
|
|
181
|
+
"tlsClientAuthSubjectDn": "<tls-client-auth-subject-dn>",
|
|
182
|
+
"tlsClientAuthSanDns": "<tls-client-auth-san-dns>",
|
|
183
|
+
"tlsClientAuthSanUri": "<tls-client-auth-san-uri>",
|
|
184
|
+
"tlsClientAuthSanIp": "<tls-client-auth-san-ip>",
|
|
185
|
+
"tlsClientAuthSanEmail": "<tls-client-auth-san-email>",
|
|
186
|
+
"tlsClientCertificateBoundAccessTokens": false,
|
|
187
|
+
"selfSignedCertificateKeyId": "<self-signed-certificate-key-id>",
|
|
188
|
+
"softwareId": "<software-id>",
|
|
189
|
+
"softwareVersion": "<software-version>",
|
|
190
|
+
"authorizationSignAlg": "HS256",
|
|
191
|
+
"authorizationEncryptionAlg": "PBES2_HS256_A128KW",
|
|
192
|
+
"authorizationEncryptionEnc": "A128CBC_HS256",
|
|
193
|
+
"bcDeliveryMode": "POLL",
|
|
194
|
+
"bcNotificationEndpoint": "<bc-notification-endpoint>",
|
|
195
|
+
"bcRequestSignAlg": "HS256",
|
|
196
|
+
"bcUserCodeRequired": true,
|
|
197
|
+
"dynamicallyRegistered": false,
|
|
198
|
+
"registrationAccessTokenHash": "<registration-access-token-hash>",
|
|
199
|
+
"authorizationDetailsTypes": [ "<authorization-details-type0>", "<authorization-details-type1>" ],
|
|
200
|
+
"parRequired": false,
|
|
201
|
+
"requestObjectRequired": true,
|
|
202
|
+
"attributes": [ { "key": "<attribute0-key>", "value": "<attribute0-value>" } ],
|
|
203
|
+
"customMetadata": "<custom-metadata>",
|
|
204
|
+
"frontChannelRequestObjectEncryptionRequired": false,
|
|
205
|
+
"requestObjectEncryptionAlgMatchRequired": false,
|
|
206
|
+
"requestObjectEncryptionEncMatchRequired": false
|
|
195
207
|
}
|
|
196
208
|
JSON
|
|
197
209
|
end
|
|
@@ -199,237 +211,253 @@ class ClientTest < Minitest::Test
|
|
|
199
211
|
|
|
200
212
|
def generate_hash
|
|
201
213
|
{
|
|
202
|
-
number:
|
|
203
|
-
serviceNumber:
|
|
204
|
-
developer:
|
|
205
|
-
clientId:
|
|
206
|
-
clientIdAlias:
|
|
207
|
-
clientIdAliasEnabled:
|
|
208
|
-
clientSecret:
|
|
209
|
-
clientType:
|
|
210
|
-
redirectUris:
|
|
211
|
-
responseTypes:
|
|
212
|
-
grantTypes:
|
|
213
|
-
applicationType:
|
|
214
|
-
contacts:
|
|
215
|
-
clientName:
|
|
216
|
-
clientNames:
|
|
217
|
-
logoUri:
|
|
218
|
-
logoUris:
|
|
219
|
-
clientUri:
|
|
220
|
-
clientUris:
|
|
221
|
-
policyUri:
|
|
222
|
-
policyUris:
|
|
223
|
-
tosUri:
|
|
224
|
-
tosUris:
|
|
225
|
-
jwksUri:
|
|
226
|
-
jwks:
|
|
227
|
-
derivedSectorIdentifier:
|
|
228
|
-
sectorIdentifierUri:
|
|
229
|
-
subjectType:
|
|
230
|
-
idTokenSignAlg:
|
|
231
|
-
idTokenEncryptionAlg:
|
|
232
|
-
idTokenEncryptionEnc:
|
|
233
|
-
userInfoSignAlg:
|
|
234
|
-
userInfoEncryptionAlg:
|
|
235
|
-
userInfoEncryptionEnc:
|
|
236
|
-
requestSignAlg:
|
|
237
|
-
requestEncryptionAlg:
|
|
238
|
-
requestEncryptionEnc:
|
|
239
|
-
tokenAuthMethod:
|
|
240
|
-
tokenAuthSignAlg:
|
|
241
|
-
defaultMaxAge:
|
|
242
|
-
defaultAcrs:
|
|
243
|
-
authTimeRequired:
|
|
244
|
-
loginUri:
|
|
245
|
-
requestUris:
|
|
246
|
-
description:
|
|
247
|
-
descriptions:
|
|
248
|
-
createdAt:
|
|
249
|
-
modifiedAt:
|
|
250
|
-
extension:
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
tlsClientAuthSubjectDn:
|
|
257
|
-
tlsClientAuthSanDns:
|
|
258
|
-
tlsClientAuthSanUri:
|
|
259
|
-
tlsClientAuthSanIp:
|
|
260
|
-
tlsClientAuthSanEmail:
|
|
261
|
-
tlsClientCertificateBoundAccessTokens:
|
|
262
|
-
selfSignedCertificateKeyId:
|
|
263
|
-
softwareId:
|
|
264
|
-
softwareVersion:
|
|
265
|
-
authorizationSignAlg:
|
|
266
|
-
authorizationEncryptionAlg:
|
|
267
|
-
authorizationEncryptionEnc:
|
|
268
|
-
bcDeliveryMode:
|
|
269
|
-
bcNotificationEndpoint:
|
|
270
|
-
bcRequestSignAlg:
|
|
271
|
-
bcUserCodeRequired:
|
|
272
|
-
dynamicallyRegistered:
|
|
273
|
-
registrationAccessTokenHash:
|
|
274
|
-
|
|
275
|
-
parRequired:
|
|
276
|
-
requestObjectRequired:
|
|
214
|
+
number: 100,
|
|
215
|
+
serviceNumber: 1000,
|
|
216
|
+
developer: '<developer>',
|
|
217
|
+
clientId: 12345,
|
|
218
|
+
clientIdAlias: '<client-id-alias>',
|
|
219
|
+
clientIdAliasEnabled: true,
|
|
220
|
+
clientSecret: '<client-secret>',
|
|
221
|
+
clientType: 'PUBLIC',
|
|
222
|
+
redirectUris: [ '<redirect-uri0>', '<redirect-uri1>' ],
|
|
223
|
+
responseTypes: [ 'NONE', 'CODE', 'TOKEN', 'ID_TOKEN' ],
|
|
224
|
+
grantTypes: [ 'AUTHORIZATION_CODE', 'REFRESH_TOKEN' ],
|
|
225
|
+
applicationType: 'WEB',
|
|
226
|
+
contacts: [ '<contact0>', '<contact1>' ],
|
|
227
|
+
clientName: '<client-name>',
|
|
228
|
+
clientNames: [ { tag: '<client-name0-tag>', value: '<client-name0-value>' } ],
|
|
229
|
+
logoUri: '<logo-uri>',
|
|
230
|
+
logoUris: [ { tag: '<logo-uri0-tag>', value: '<logo-uri0-value>' } ],
|
|
231
|
+
clientUri: '<client-uri>',
|
|
232
|
+
clientUris: [ { tag: '<client-uri0-tag>', value: '<client-uri0-value>' } ],
|
|
233
|
+
policyUri: '<policy-uri>',
|
|
234
|
+
policyUris: [ { tag: '<policy-uri0-tag>', value: '<policy-uri0-value>' } ],
|
|
235
|
+
tosUri: '<tos-uri>',
|
|
236
|
+
tosUris: [ { tag: '<tos-uri0-tag>', value: '<tos-uri0-value>' } ],
|
|
237
|
+
jwksUri: '<jwks-uri>',
|
|
238
|
+
jwks: '<jwks>',
|
|
239
|
+
derivedSectorIdentifier: '<derived-sector-identifier>',
|
|
240
|
+
sectorIdentifierUri: '<sector-identifier-uri>',
|
|
241
|
+
subjectType: 'PUBLIC',
|
|
242
|
+
idTokenSignAlg: 'HS256',
|
|
243
|
+
idTokenEncryptionAlg: 'PBES2_HS256_A128KW',
|
|
244
|
+
idTokenEncryptionEnc: 'A128CBC_HS256',
|
|
245
|
+
userInfoSignAlg: 'HS256',
|
|
246
|
+
userInfoEncryptionAlg: 'PBES2_HS256_A128KW',
|
|
247
|
+
userInfoEncryptionEnc: 'A128CBC_HS256',
|
|
248
|
+
requestSignAlg: 'HS256',
|
|
249
|
+
requestEncryptionAlg: 'PBES2_HS256_A128KW',
|
|
250
|
+
requestEncryptionEnc: 'A128CBC_HS256',
|
|
251
|
+
tokenAuthMethod: 'CLIENT_SECRET_BASIC',
|
|
252
|
+
tokenAuthSignAlg: 'HS256',
|
|
253
|
+
defaultMaxAge: 1000,
|
|
254
|
+
defaultAcrs: [ '<default-acr0>', '<default-acr1>' ],
|
|
255
|
+
authTimeRequired: true,
|
|
256
|
+
loginUri: '<login-uri>',
|
|
257
|
+
requestUris: [ '<request-uri0>', '<request-uri1>' ],
|
|
258
|
+
description: '<description>',
|
|
259
|
+
descriptions: [ { tag: '<description0-tag>', value: '<description0-value>' } ],
|
|
260
|
+
createdAt: 10000,
|
|
261
|
+
modifiedAt: 10000,
|
|
262
|
+
extension: {
|
|
263
|
+
requestableScopes: [ '<requestable-scope0>', '<requestable-scope1>' ],
|
|
264
|
+
requestableScopesEnabled: true,
|
|
265
|
+
accessTokenDuration: 10000,
|
|
266
|
+
refreshTokenDuration: 10000
|
|
267
|
+
},
|
|
268
|
+
tlsClientAuthSubjectDn: '<tls-client-auth-subject-dn>',
|
|
269
|
+
tlsClientAuthSanDns: '<tls-client-auth-san-dns>',
|
|
270
|
+
tlsClientAuthSanUri: '<tls-client-auth-san-uri>',
|
|
271
|
+
tlsClientAuthSanIp: '<tls-client-auth-san-ip>',
|
|
272
|
+
tlsClientAuthSanEmail: '<tls-client-auth-san-email>',
|
|
273
|
+
tlsClientCertificateBoundAccessTokens: false,
|
|
274
|
+
selfSignedCertificateKeyId: '<self-signed-certificate-key-id>',
|
|
275
|
+
softwareId: '<software-id>',
|
|
276
|
+
softwareVersion: '<software-version>',
|
|
277
|
+
authorizationSignAlg: 'HS256',
|
|
278
|
+
authorizationEncryptionAlg: 'PBES2_HS256_A128KW',
|
|
279
|
+
authorizationEncryptionEnc: 'A128CBC_HS256',
|
|
280
|
+
bcDeliveryMode: 'POLL',
|
|
281
|
+
bcNotificationEndpoint: '<bc-notification-endpoint>',
|
|
282
|
+
bcRequestSignAlg: 'HS256',
|
|
283
|
+
bcUserCodeRequired: true,
|
|
284
|
+
dynamicallyRegistered: false,
|
|
285
|
+
registrationAccessTokenHash: '<registration-access-token-hash>',
|
|
286
|
+
authorizationDetailsTypes: [ '<authorization-details-type0>', '<authorization-details-type1>' ],
|
|
287
|
+
parRequired: false,
|
|
288
|
+
requestObjectRequired: true,
|
|
289
|
+
attributes: [ { key: '<attribute0-key>', value: '<attribute0-value>' } ],
|
|
290
|
+
customMetadata: '<custom-metadata>',
|
|
291
|
+
frontChannelRequestObjectEncryptionRequired: false,
|
|
292
|
+
requestObjectEncryptionAlgMatchRequired: false,
|
|
293
|
+
requestObjectEncryptionEncMatchRequired: false
|
|
277
294
|
}
|
|
278
295
|
end
|
|
279
296
|
|
|
280
297
|
|
|
281
298
|
def set_params(obj)
|
|
282
|
-
obj.number
|
|
283
|
-
obj.service_number
|
|
284
|
-
obj.developer
|
|
285
|
-
obj.client_id
|
|
286
|
-
obj.client_id_alias
|
|
287
|
-
obj.client_id_alias_enabled
|
|
288
|
-
obj.client_secret
|
|
289
|
-
obj.client_type
|
|
290
|
-
obj.redirect_uris
|
|
291
|
-
obj.response_types
|
|
292
|
-
obj.grant_types
|
|
293
|
-
obj.application_type
|
|
294
|
-
obj.contacts
|
|
295
|
-
obj.client_name
|
|
296
|
-
obj.client_names
|
|
297
|
-
obj.logo_uri
|
|
298
|
-
obj.logo_uris
|
|
299
|
-
obj.client_uri
|
|
300
|
-
obj.client_uris
|
|
301
|
-
obj.policy_uri
|
|
302
|
-
obj.policy_uris
|
|
303
|
-
obj.tos_uri
|
|
304
|
-
obj.tos_uris
|
|
305
|
-
obj.jwks_uri
|
|
306
|
-
obj.jwks
|
|
307
|
-
obj.derived_sector_identifier
|
|
308
|
-
obj.sector_identifier_uri
|
|
309
|
-
obj.subject_type
|
|
310
|
-
obj.id_token_sign_alg
|
|
311
|
-
obj.id_token_encryption_alg
|
|
312
|
-
obj.id_token_encryption_enc
|
|
313
|
-
obj.user_info_sign_alg
|
|
314
|
-
obj.user_info_encryption_alg
|
|
315
|
-
obj.user_info_encryption_enc
|
|
316
|
-
obj.request_sign_alg
|
|
317
|
-
obj.request_encryption_alg
|
|
318
|
-
obj.request_encryption_enc
|
|
319
|
-
obj.token_auth_method
|
|
320
|
-
obj.token_auth_sign_alg
|
|
321
|
-
obj.default_max_age
|
|
322
|
-
obj.default_acrs
|
|
323
|
-
obj.auth_time_required
|
|
324
|
-
obj.login_uri
|
|
325
|
-
obj.request_uris
|
|
326
|
-
obj.description
|
|
327
|
-
obj.descriptions
|
|
328
|
-
obj.created_at
|
|
329
|
-
obj.modified_at
|
|
330
|
-
obj.extension
|
|
331
|
-
obj.tls_client_auth_subject_dn
|
|
332
|
-
obj.tls_client_auth_san_dns
|
|
333
|
-
obj.tls_client_auth_san_uri
|
|
334
|
-
obj.tls_client_auth_san_ip
|
|
335
|
-
obj.tls_client_auth_san_email
|
|
336
|
-
obj.tls_client_certificate_bound_access_tokens
|
|
337
|
-
obj.self_signed_certificate_key_id
|
|
338
|
-
obj.software_id
|
|
339
|
-
obj.software_version
|
|
340
|
-
obj.authorization_sign_alg
|
|
341
|
-
obj.authorization_encryption_alg
|
|
342
|
-
obj.authorization_encryption_enc
|
|
343
|
-
obj.bc_delivery_mode
|
|
344
|
-
obj.bc_notification_endpoint
|
|
345
|
-
obj.bc_request_sign_alg
|
|
346
|
-
obj.bc_user_code_required
|
|
347
|
-
obj.dynamically_registered
|
|
348
|
-
obj.registration_access_token_hash
|
|
349
|
-
obj.
|
|
350
|
-
obj.par_required
|
|
351
|
-
obj.request_object_required
|
|
299
|
+
obj.number = NUMBER
|
|
300
|
+
obj.service_number = SERVICE_NUMBER
|
|
301
|
+
obj.developer = DEVELOPER
|
|
302
|
+
obj.client_id = CLIENT_ID
|
|
303
|
+
obj.client_id_alias = CLIENT_ID_ALIAS
|
|
304
|
+
obj.client_id_alias_enabled = CLIENT_ID_ALIAS_ENABLED
|
|
305
|
+
obj.client_secret = CLIENT_SECRET
|
|
306
|
+
obj.client_type = CLIENT_TYPE
|
|
307
|
+
obj.redirect_uris = REDIRECT_URIS
|
|
308
|
+
obj.response_types = RESPONSE_TYPES
|
|
309
|
+
obj.grant_types = GRANT_TYPES
|
|
310
|
+
obj.application_type = APPLICATION_TYPE
|
|
311
|
+
obj.contacts = CONTACTS
|
|
312
|
+
obj.client_name = CLIENT_NAME
|
|
313
|
+
obj.client_names = CLIENT_NAMES
|
|
314
|
+
obj.logo_uri = LOGO_URI
|
|
315
|
+
obj.logo_uris = LOGO_URIS
|
|
316
|
+
obj.client_uri = CLIENT_URI
|
|
317
|
+
obj.client_uris = CLIENT_URIS
|
|
318
|
+
obj.policy_uri = POLICY_URI
|
|
319
|
+
obj.policy_uris = POLICY_URIS
|
|
320
|
+
obj.tos_uri = TOS_URI
|
|
321
|
+
obj.tos_uris = TOS_URIS
|
|
322
|
+
obj.jwks_uri = JWKS_URI
|
|
323
|
+
obj.jwks = JWKS
|
|
324
|
+
obj.derived_sector_identifier = DERIVED_SECTOR_IDENTIFIER
|
|
325
|
+
obj.sector_identifier_uri = SECTOR_IDENTIFIER_URI
|
|
326
|
+
obj.subject_type = SUBJECT_TYPE
|
|
327
|
+
obj.id_token_sign_alg = ID_TOKEN_SIGN_ALG
|
|
328
|
+
obj.id_token_encryption_alg = ID_TOKEN_ENCRYPTION_ALG
|
|
329
|
+
obj.id_token_encryption_enc = ID_TOKEN_ENCRYPTION_ENC
|
|
330
|
+
obj.user_info_sign_alg = USER_INFO_SIGN_ALG
|
|
331
|
+
obj.user_info_encryption_alg = USER_INFO_ENCRYPTION_ALG
|
|
332
|
+
obj.user_info_encryption_enc = USER_INFO_ENCRYPTION_ENC
|
|
333
|
+
obj.request_sign_alg = REQUEST_SIGN_ALG
|
|
334
|
+
obj.request_encryption_alg = REQUEST_ENCRYPTION_ALG
|
|
335
|
+
obj.request_encryption_enc = REQUEST_ENCRYPTION_ENC
|
|
336
|
+
obj.token_auth_method = TOKEN_AUTH_METHOD
|
|
337
|
+
obj.token_auth_sign_alg = TOKEN_AUTH_SIGN_ALG
|
|
338
|
+
obj.default_max_age = DEFAULT_MAX_AGE
|
|
339
|
+
obj.default_acrs = DEFAULT_ACRS
|
|
340
|
+
obj.auth_time_required = AUTH_TIME_REQUIRED
|
|
341
|
+
obj.login_uri = LOGIN_URI
|
|
342
|
+
obj.request_uris = REQUEST_URIS
|
|
343
|
+
obj.description = DESCRIPTION
|
|
344
|
+
obj.descriptions = DESCRIPTIONS
|
|
345
|
+
obj.created_at = CREATED_AT
|
|
346
|
+
obj.modified_at = MODIFIED_AT
|
|
347
|
+
obj.extension = EXTENSION
|
|
348
|
+
obj.tls_client_auth_subject_dn = TLS_CLIENT_AUTH_SUBJECT_DN
|
|
349
|
+
obj.tls_client_auth_san_dns = TLS_CLIENT_AUTH_SAN_DNS
|
|
350
|
+
obj.tls_client_auth_san_uri = TLS_CLIENT_AUTH_SAN_URI
|
|
351
|
+
obj.tls_client_auth_san_ip = TLS_CLIENT_AUTH_SAN_IP
|
|
352
|
+
obj.tls_client_auth_san_email = TLS_CLIENT_AUTH_SAN_EMAIL
|
|
353
|
+
obj.tls_client_certificate_bound_access_tokens = TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS
|
|
354
|
+
obj.self_signed_certificate_key_id = SELF_SIGNED_CERTIFICATE_KEY_ID
|
|
355
|
+
obj.software_id = SOFTWARE_ID
|
|
356
|
+
obj.software_version = SOFTWARE_VERSION
|
|
357
|
+
obj.authorization_sign_alg = AUTHORIZATION_SIGN_ALG
|
|
358
|
+
obj.authorization_encryption_alg = AUTHORIZATION_ENCRYPTION_ALG
|
|
359
|
+
obj.authorization_encryption_enc = AUTHORIZATION_ENCRYPTION_ENC
|
|
360
|
+
obj.bc_delivery_mode = BC_DELIVERY_MODE
|
|
361
|
+
obj.bc_notification_endpoint = BC_NOTIFICATION_ENDPOINT
|
|
362
|
+
obj.bc_request_sign_alg = BC_REQUEST_SIGN_ALG
|
|
363
|
+
obj.bc_user_code_required = BC_USER_CODE_REQUIRED
|
|
364
|
+
obj.dynamically_registered = DYNAMICALLY_REGISTERED
|
|
365
|
+
obj.registration_access_token_hash = REGISTRATION_ACCESS_TOKEN_HASH
|
|
366
|
+
obj.authorization_details_types = AUTHORIZATION_DETAILS_TYPES
|
|
367
|
+
obj.par_required = PAR_REQUIRED
|
|
368
|
+
obj.request_object_required = REQUEST_OBJECT_REQUIRED
|
|
369
|
+
obj.attributes = ATTRIBUTES
|
|
370
|
+
obj.custom_metadata = CUSTOM_METADATA
|
|
371
|
+
obj.frontChannelRequestObjectEncryptionRequired = FRONT_CHANNEL_REQUEST_OBJECT_ENCRYPTION_REQUIRED
|
|
372
|
+
obj.requestObjectEncryptionAlgMatchRequired = REQUEST_OBJECT_ENCRYPTION_ALG_MATCH_REQUIRED
|
|
373
|
+
obj.requestObjectEncryptionEncMatchRequired = REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED
|
|
352
374
|
end
|
|
353
375
|
|
|
354
376
|
|
|
355
377
|
def match(obj)
|
|
356
|
-
assert_equal NUMBER,
|
|
357
|
-
assert_equal SERVICE_NUMBER,
|
|
358
|
-
assert_equal DEVELOPER,
|
|
359
|
-
assert_equal CLIENT_ID,
|
|
360
|
-
assert_equal CLIENT_ID_ALIAS,
|
|
361
|
-
assert_equal CLIENT_ID_ALIAS_ENABLED,
|
|
362
|
-
assert_equal CLIENT_SECRET,
|
|
363
|
-
assert_equal CLIENT_TYPE,
|
|
364
|
-
assert_equal REDIRECT_URIS,
|
|
365
|
-
assert_equal RESPONSE_TYPES,
|
|
366
|
-
assert_equal GRANT_TYPES,
|
|
367
|
-
assert_equal APPLICATION_TYPE,
|
|
368
|
-
assert_equal CONTACTS,
|
|
369
|
-
assert_equal CLIENT_NAME,
|
|
370
|
-
assert_equal CLIENT_NAME_TAG,
|
|
371
|
-
assert_equal CLIENT_NAME_VALUE,
|
|
372
|
-
assert_equal LOGO_URI,
|
|
373
|
-
assert_equal LOGO_URI_TAG,
|
|
374
|
-
assert_equal LOGO_URI_VALUE,
|
|
375
|
-
assert_equal CLIENT_URI,
|
|
376
|
-
assert_equal CLIENT_URI_TAG,
|
|
377
|
-
assert_equal CLIENT_URI_VALUE,
|
|
378
|
-
assert_equal POLICY_URI,
|
|
379
|
-
assert_equal POLICY_URI_TAG,
|
|
380
|
-
assert_equal POLICY_URI_VALUE,
|
|
381
|
-
assert_equal TOS_URI,
|
|
382
|
-
assert_equal TOS_URI_TAG,
|
|
383
|
-
assert_equal TOS_URI_VALUE,
|
|
384
|
-
assert_equal JWKS_URI,
|
|
385
|
-
assert_equal JWKS,
|
|
386
|
-
assert_equal DERIVED_SECTOR_IDENTIFIER,
|
|
387
|
-
assert_equal SECTOR_IDENTIFIER_URI,
|
|
388
|
-
assert_equal SUBJECT_TYPE,
|
|
389
|
-
assert_equal ID_TOKEN_SIGN_ALG,
|
|
390
|
-
assert_equal ID_TOKEN_ENCRYPTION_ALG,
|
|
391
|
-
assert_equal ID_TOKEN_ENCRYPTION_ENC,
|
|
392
|
-
assert_equal USER_INFO_SIGN_ALG,
|
|
393
|
-
assert_equal USER_INFO_ENCRYPTION_ALG,
|
|
394
|
-
assert_equal USER_INFO_ENCRYPTION_ENC,
|
|
395
|
-
assert_equal REQUEST_SIGN_ALG,
|
|
396
|
-
assert_equal REQUEST_ENCRYPTION_ALG,
|
|
397
|
-
assert_equal REQUEST_ENCRYPTION_ENC,
|
|
398
|
-
assert_equal TOKEN_AUTH_METHOD,
|
|
399
|
-
assert_equal TOKEN_AUTH_SIGN_ALG,
|
|
400
|
-
assert_equal DEFAULT_MAX_AGE,
|
|
401
|
-
assert_equal DEFAULT_ACRS,
|
|
402
|
-
assert_equal AUTH_TIME_REQUIRED,
|
|
403
|
-
assert_equal LOGIN_URI,
|
|
404
|
-
assert_equal REQUEST_URIS,
|
|
405
|
-
assert_equal DESCRIPTION,
|
|
406
|
-
assert_equal DESCRIPTION_TAG,
|
|
407
|
-
assert_equal DESCRIPTION_VALUE,
|
|
408
|
-
assert_equal CREATED_AT,
|
|
409
|
-
assert_equal MODIFIED_AT,
|
|
410
|
-
assert_equal REQUESTABLE_SCOPES,
|
|
411
|
-
assert_equal REQUESTABLE_SCOPES_ENABLED,
|
|
412
|
-
assert_equal ACCESS_TOKEN_DURATION,
|
|
413
|
-
assert_equal REFRESH_TOKEN_DURATION,
|
|
414
|
-
assert_equal TLS_CLIENT_AUTH_SUBJECT_DN,
|
|
415
|
-
assert_equal TLS_CLIENT_AUTH_SAN_DNS,
|
|
416
|
-
assert_equal TLS_CLIENT_AUTH_SAN_URI,
|
|
417
|
-
assert_equal TLS_CLIENT_AUTH_SAN_IP,
|
|
418
|
-
assert_equal TLS_CLIENT_AUTH_SAN_EMAIL,
|
|
419
|
-
assert_equal TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS,
|
|
420
|
-
assert_equal SELF_SIGNED_CERTIFICATE_KEY_ID,
|
|
421
|
-
assert_equal AUTHORIZATION_SIGN_ALG,
|
|
422
|
-
assert_equal AUTHORIZATION_ENCRYPTION_ALG,
|
|
423
|
-
assert_equal AUTHORIZATION_ENCRYPTION_ENC,
|
|
424
|
-
assert_equal BC_DELIVERY_MODE,
|
|
425
|
-
assert_equal BC_NOTIFICATION_ENDPOINT,
|
|
426
|
-
assert_equal BC_REQUEST_SIGN_ALG,
|
|
427
|
-
assert_equal BC_USER_CODE_REQUIRED,
|
|
428
|
-
assert_equal DYNAMICALLY_REGISTERED,
|
|
429
|
-
assert_equal REGISTRATION_ACCESS_TOKEN_HASH,
|
|
430
|
-
assert_equal
|
|
431
|
-
assert_equal PAR_REQUIRED,
|
|
432
|
-
assert_equal REQUEST_OBJECT_REQUIRED,
|
|
378
|
+
assert_equal NUMBER, obj.number
|
|
379
|
+
assert_equal SERVICE_NUMBER, obj.serviceNumber
|
|
380
|
+
assert_equal DEVELOPER, obj.developer
|
|
381
|
+
assert_equal CLIENT_ID, obj.clientId
|
|
382
|
+
assert_equal CLIENT_ID_ALIAS, obj.clientIdAlias
|
|
383
|
+
assert_equal CLIENT_ID_ALIAS_ENABLED, obj.clientIdAliasEnabled
|
|
384
|
+
assert_equal CLIENT_SECRET, obj.clientSecret
|
|
385
|
+
assert_equal CLIENT_TYPE, obj.clientType
|
|
386
|
+
assert_equal REDIRECT_URIS, obj.redirectUris
|
|
387
|
+
assert_equal RESPONSE_TYPES, obj.responseTypes
|
|
388
|
+
assert_equal GRANT_TYPES, obj.grantTypes
|
|
389
|
+
assert_equal APPLICATION_TYPE, obj.applicationType
|
|
390
|
+
assert_equal CONTACTS, obj.contacts
|
|
391
|
+
assert_equal CLIENT_NAME, obj.clientName
|
|
392
|
+
assert_equal CLIENT_NAME_TAG, obj.clientNames[0].tag
|
|
393
|
+
assert_equal CLIENT_NAME_VALUE, obj.clientNames[0].value
|
|
394
|
+
assert_equal LOGO_URI, obj.logoUri
|
|
395
|
+
assert_equal LOGO_URI_TAG, obj.logoUris[0].tag
|
|
396
|
+
assert_equal LOGO_URI_VALUE, obj.logoUris[0].value
|
|
397
|
+
assert_equal CLIENT_URI, obj.clientUri
|
|
398
|
+
assert_equal CLIENT_URI_TAG, obj.clientUris[0].tag
|
|
399
|
+
assert_equal CLIENT_URI_VALUE, obj.clientUris[0].value
|
|
400
|
+
assert_equal POLICY_URI, obj.policyUri
|
|
401
|
+
assert_equal POLICY_URI_TAG, obj.policyUris[0].tag
|
|
402
|
+
assert_equal POLICY_URI_VALUE, obj.policyUris[0].value
|
|
403
|
+
assert_equal TOS_URI, obj.tosUri
|
|
404
|
+
assert_equal TOS_URI_TAG, obj.tosUris[0].tag
|
|
405
|
+
assert_equal TOS_URI_VALUE, obj.tosUris[0].value
|
|
406
|
+
assert_equal JWKS_URI, obj.jwksUri
|
|
407
|
+
assert_equal JWKS, obj.jwks
|
|
408
|
+
assert_equal DERIVED_SECTOR_IDENTIFIER, obj.derivedSectorIdentifier
|
|
409
|
+
assert_equal SECTOR_IDENTIFIER_URI, obj.sectorIdentifierUri
|
|
410
|
+
assert_equal SUBJECT_TYPE, obj.subjectType
|
|
411
|
+
assert_equal ID_TOKEN_SIGN_ALG, obj.idTokenSignAlg
|
|
412
|
+
assert_equal ID_TOKEN_ENCRYPTION_ALG, obj.idTokenEncryptionAlg
|
|
413
|
+
assert_equal ID_TOKEN_ENCRYPTION_ENC, obj.idTokenEncryptionEnc
|
|
414
|
+
assert_equal USER_INFO_SIGN_ALG, obj.userInfoSignAlg
|
|
415
|
+
assert_equal USER_INFO_ENCRYPTION_ALG, obj.userInfoEncryptionAlg
|
|
416
|
+
assert_equal USER_INFO_ENCRYPTION_ENC, obj.userInfoEncryptionEnc
|
|
417
|
+
assert_equal REQUEST_SIGN_ALG, obj.requestSignAlg
|
|
418
|
+
assert_equal REQUEST_ENCRYPTION_ALG, obj.requestEncryptionAlg
|
|
419
|
+
assert_equal REQUEST_ENCRYPTION_ENC, obj.requestEncryptionEnc
|
|
420
|
+
assert_equal TOKEN_AUTH_METHOD, obj.tokenAuthMethod
|
|
421
|
+
assert_equal TOKEN_AUTH_SIGN_ALG, obj.tokenAuthSignAlg
|
|
422
|
+
assert_equal DEFAULT_MAX_AGE, obj.defaultMaxAge
|
|
423
|
+
assert_equal DEFAULT_ACRS, obj.defaultAcrs
|
|
424
|
+
assert_equal AUTH_TIME_REQUIRED, obj.authTimeRequired
|
|
425
|
+
assert_equal LOGIN_URI, obj.loginUri
|
|
426
|
+
assert_equal REQUEST_URIS, obj.requestUris
|
|
427
|
+
assert_equal DESCRIPTION, obj.description
|
|
428
|
+
assert_equal DESCRIPTION_TAG, obj.descriptions[0].tag
|
|
429
|
+
assert_equal DESCRIPTION_VALUE, obj.descriptions[0].value
|
|
430
|
+
assert_equal CREATED_AT, obj.createdAt
|
|
431
|
+
assert_equal MODIFIED_AT, obj.modifiedAt
|
|
432
|
+
assert_equal REQUESTABLE_SCOPES, obj.extension.requestableScopes
|
|
433
|
+
assert_equal REQUESTABLE_SCOPES_ENABLED, obj.extension.requestableScopesEnabled
|
|
434
|
+
assert_equal ACCESS_TOKEN_DURATION, obj.extension.accessTokenDuration
|
|
435
|
+
assert_equal REFRESH_TOKEN_DURATION, obj.extension.refreshTokenDuration
|
|
436
|
+
assert_equal TLS_CLIENT_AUTH_SUBJECT_DN, obj.tlsClientAuthSubjectDn
|
|
437
|
+
assert_equal TLS_CLIENT_AUTH_SAN_DNS, obj.tlsClientAuthSanDns
|
|
438
|
+
assert_equal TLS_CLIENT_AUTH_SAN_URI, obj.tlsClientAuthSanUri
|
|
439
|
+
assert_equal TLS_CLIENT_AUTH_SAN_IP, obj.tlsClientAuthSanIp
|
|
440
|
+
assert_equal TLS_CLIENT_AUTH_SAN_EMAIL, obj.tlsClientAuthSanEmail
|
|
441
|
+
assert_equal TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS, obj.tlsClientCertificateBoundAccessTokens
|
|
442
|
+
assert_equal SELF_SIGNED_CERTIFICATE_KEY_ID, obj.selfSignedCertificateKeyId
|
|
443
|
+
assert_equal AUTHORIZATION_SIGN_ALG, obj.authorizationSignAlg
|
|
444
|
+
assert_equal AUTHORIZATION_ENCRYPTION_ALG, obj.authorizationEncryptionAlg
|
|
445
|
+
assert_equal AUTHORIZATION_ENCRYPTION_ENC, obj.authorizationEncryptionEnc
|
|
446
|
+
assert_equal BC_DELIVERY_MODE, obj.bcDeliveryMode
|
|
447
|
+
assert_equal BC_NOTIFICATION_ENDPOINT, obj.bcNotificationEndpoint
|
|
448
|
+
assert_equal BC_REQUEST_SIGN_ALG, obj.bcRequestSignAlg
|
|
449
|
+
assert_equal BC_USER_CODE_REQUIRED, obj.bcUserCodeRequired
|
|
450
|
+
assert_equal DYNAMICALLY_REGISTERED, obj.dynamicallyRegistered
|
|
451
|
+
assert_equal REGISTRATION_ACCESS_TOKEN_HASH, obj.registrationAccessTokenHash
|
|
452
|
+
assert_equal AUTHORIZATION_DETAILS_TYPES, obj.authorizationDetailsTypes
|
|
453
|
+
assert_equal PAR_REQUIRED, obj.parRequired
|
|
454
|
+
assert_equal REQUEST_OBJECT_REQUIRED, obj.requestObjectRequired
|
|
455
|
+
assert_equal ATTRIBUTE_KEY, obj.attributes[0].key
|
|
456
|
+
assert_equal ATTRIBUTE_VALUE, obj.attributes[0].value
|
|
457
|
+
assert_equal CUSTOM_METADATA, obj.customMetadata
|
|
458
|
+
assert_equal FRONT_CHANNEL_REQUEST_OBJECT_ENCRYPTION_REQUIRED, obj.frontChannelRequestObjectEncryptionRequired
|
|
459
|
+
assert_equal REQUEST_OBJECT_ENCRYPTION_ALG_MATCH_REQUIRED, obj.requestObjectEncryptionAlgMatchRequired
|
|
460
|
+
assert_equal REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED, obj.requestObjectEncryptionEncMatchRequired
|
|
433
461
|
end
|
|
434
462
|
|
|
435
463
|
|