Example 11 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class OAuth2LoginBeanDefinitionParserTests method requestWhenOidcAuthenticationResponseValidThenJwtDecoderFactoryCalled.

@Test
public void requestWhenOidcAuthenticationResponseValidThenJwtDecoderFactoryCalled() throws Exception {
    this.spring.configLocations(this.xml("SingleClientRegistration-WithJwtDecoderFactoryAndDefaultSuccessHandler")).autowire();
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(OAuth2ParameterNames.REGISTRATION_ID, "google-login");
    OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.oidcRequest().attributes(attributes).build();
    given(this.authorizationRequestRepository.removeAuthorizationRequest(any(), any())).willReturn(authorizationRequest);
    OAuth2AccessTokenResponse accessTokenResponse = TestOAuth2AccessTokenResponses.oidcAccessTokenResponse().build();
    given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(accessTokenResponse);
    Jwt jwt = TestJwts.user();
    given(this.jwtDecoderFactory.createDecoder(any())).willReturn((token) -> jwt);
    MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
    params.add("code", "code123");
    params.add("state", authorizationRequest.getState());
    // @formatter:off
    this.mvc.perform(get("/login/oauth2/code/google-login").params(params))
            .andExpect(status().is3xxRedirection())
            .andExpect(redirectedUrl("/"));
    // @formatter:on
    verify(this.jwtDecoderFactory).createDecoder(any());
    verify(this.requestCache).getRequest(any(), any());
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) HashMap(java.util.HashMap) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) Jwt(org.springframework.security.oauth2.jwt.Jwt) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 12 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class JwtIssuerReactiveAuthenticationManagerResolverTests method resolveWhenBearerTokenMalformedThenException.

@Test
public void resolveWhenBearerTokenMalformedThenException() {
    JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver = new JwtIssuerReactiveAuthenticationManagerResolver("trusted");
    Authentication token = withBearerToken("jwt");
    // @formatter:off
    assertThatExceptionOfType(OAuth2AuthenticationException.class)
            .isThrownBy(() -> authenticationManagerResolver.resolve(null)
                    .flatMap((manager) -> manager.authenticate(token))
                    .block())
            .withMessageNotContaining("Invalid issuer");
    // @formatter:on
}
Also used : Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) HashMap(java.util.HashMap) JWSObject(com.nimbusds.jose.JWSObject) BDDMockito.any(org.mockito.BDDMockito.any) PlainJWT(com.nimbusds.jwt.PlainJWT) BDDMockito.verify(org.mockito.BDDMockito.verify) BDDMockito.given(org.mockito.BDDMockito.given) Map(java.util.Map) MockWebServer(okhttp3.mockwebserver.MockWebServer) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) ReactiveAuthenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager) ReactiveAuthenticationManagerResolver(org.springframework.security.authentication.ReactiveAuthenticationManagerResolver) TrustedIssuerJwtAuthenticationManagerResolver(org.springframework.security.oauth2.server.resource.authentication.JwtIssuerReactiveAuthenticationManagerResolver.TrustedIssuerJwtAuthenticationManagerResolver) TestKeys(org.springframework.security.oauth2.jose.TestKeys) Collection(java.util.Collection) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) Mono(reactor.core.publisher.Mono) JWSHeader(com.nimbusds.jose.JWSHeader) JwtClaimNames(org.springframework.security.oauth2.jwt.JwtClaimNames) Test(org.junit.jupiter.api.Test) Payload(com.nimbusds.jose.Payload) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) JSONObject(net.minidev.json.JSONObject) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) BDDMockito.mock(org.mockito.BDDMockito.mock) MockResponse(okhttp3.mockwebserver.MockResponse) Authentication(org.springframework.security.core.Authentication) Collections(java.util.Collections)

Example 13 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class DelegatingJwtGrantedAuthoritiesConverterTests method convertWhenMultipleConvertersThenDuplicatesRemoved.

@Test
public void convertWhenMultipleConvertersThenDuplicatesRemoved() {
    Converter<Jwt, Collection<GrantedAuthority>> one = (jwt) -> AuthorityUtils.createAuthorityList("one", "two");
    Converter<Jwt, Collection<GrantedAuthority>> two = (jwt) -> AuthorityUtils.createAuthorityList("one", "three");
    DelegatingJwtGrantedAuthoritiesConverter composite = new DelegatingJwtGrantedAuthoritiesConverter(one, two);
    Jwt jwt = TestJwts.jwt().build();
    Collection<GrantedAuthority> authorities = composite.convert(jwt);
    assertThat(authorityListToOrderedSet(authorities)).containsExactly("one", "two", "three");
}
Also used : Test(org.junit.jupiter.api.Test) Converter(org.springframework.core.convert.converter.Converter) Collection(java.util.Collection) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) TestJwts(org.springframework.security.oauth2.jwt.TestJwts) Jwt(org.springframework.security.oauth2.jwt.Jwt) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) LinkedHashSet(java.util.LinkedHashSet) GrantedAuthority(org.springframework.security.core.GrantedAuthority)

Example 14 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class JwtAuthenticationProviderTests method authenticateWhenConverterReturnsAuthenticationThenProviderPropagatesIt.

@Test
public void authenticateWhenConverterReturnsAuthenticationThenProviderPropagatesIt() {
    BearerTokenAuthenticationToken token = this.authentication();
    Object details = mock(Object.class);
    token.setDetails(details);
    Jwt jwt = TestJwts.jwt().build();
    JwtAuthenticationToken authentication = new JwtAuthenticationToken(jwt);
    given(this.jwtDecoder.decode(token.getToken())).willReturn(jwt);
    given(this.jwtAuthenticationConverter.convert(jwt)).willReturn(authentication);
    // @formatter:off
    assertThat(this.provider.authenticate(token))
            .isEqualTo(authentication)
            .hasFieldOrPropertyWithValue("details", details);
    // @formatter:on
}
Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 15 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class JwtAuthenticationProviderTests method authenticateWhenJwtDecodesThenAuthenticationHasAttributesContainedInJwt.

@Test
public void authenticateWhenJwtDecodesThenAuthenticationHasAttributesContainedInJwt() {
    BearerTokenAuthenticationToken token = this.authentication();
    Jwt jwt = TestJwts.jwt().claim("name", "value").build();
    given(this.jwtDecoder.decode("token")).willReturn(jwt);
    given(this.jwtAuthenticationConverter.convert(jwt)).willReturn(new JwtAuthenticationToken(jwt));
    JwtAuthenticationToken authentication = (JwtAuthenticationToken) this.provider.authenticate(token);
    assertThat(authentication.getTokenAttributes()).containsEntry("name", "value");
}
Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test): 139
Jwt (org.springframework.security.oauth2.jwt.Jwt): 83
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 47
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat): 37
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 36
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration): 36
OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse): 30
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException): 29
BeforeEach (org.junit.jupiter.api.BeforeEach): 29
Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType): 27
TestClientRegistrations (org.springframework.security.oauth2.client.registration.TestClientRegistrations): 24
Instant (java.time.Instant): 23
HttpHeaders (org.springframework.http.HttpHeaders): 22
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken): 22
JwtDecoder (org.springframework.security.oauth2.jwt.JwtDecoder): 22
Collections (java.util.Collections): 21
MediaType (org.springframework.http.MediaType): 21
NimbusJwtDecoder (org.springframework.security.oauth2.jwt.NimbusJwtDecoder): 21
MockWebServer (okhttp3.mockwebserver.MockWebServer): 20
OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error): 20