Examples with Jwt - org.springframework.security.oauth2.jwt.Jwt

Example 26 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class JwtAuthenticationTokenTests method getNameWhenJwtHasSubjectThenReturnsSubject.

@Test
public void getNameWhenJwtHasSubjectThenReturnsSubject() {
    Jwt jwt = builder().subject("Carl").build();
    JwtAuthenticationToken token = new JwtAuthenticationToken(jwt);
    assertThat(token.getName()).isEqualTo("Carl");
}

Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) Test(org.junit.jupiter.api.Test)

Example 27 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class JwtAuthenticationTokenTests method getNameWhenJwtHasNoSubjectThenReturnsNull.

@Test
public void getNameWhenJwtHasNoSubjectThenReturnsNull() {
    Jwt jwt = builder().claim("claim", "value").build();
    JwtAuthenticationToken token = new JwtAuthenticationToken(jwt);
    assertThat(token.getName()).isNull();
}

Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) Test(org.junit.jupiter.api.Test)

Example 28 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class JwtGrantedAuthoritiesConverterTests method convertWhenTokenHasUnsupportedTypeForScopeThenTranslatesToNoAuthorities.

@Test
public void convertWhenTokenHasUnsupportedTypeForScopeThenTranslatesToNoAuthorities() {
    // @formatter:off
    Jwt jwt = TestJwts.jwt().claim("scope", new String[] { "message:read", "message:write" }).build();
    // @formatter:on
    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
    assertThat(authorities).isEmpty();
}

Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test)

Example 29 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class JwtGrantedAuthoritiesConverterTests method convertWhenTokenHasEmptyCustomClaimNameThenCustomClaimNameAttributeIsTranslatedToNoAuthorities.

@Test
public void convertWhenTokenHasEmptyCustomClaimNameThenCustomClaimNameAttributeIsTranslatedToNoAuthorities() {
    // @formatter:off
    Jwt jwt = TestJwts.jwt().claim("roles", Collections.emptyList()).claim("scope", "missive:read missive:write").build();
    // @formatter:on
    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    jwtGrantedAuthoritiesConverter.setAuthoritiesClaimName("roles");
    Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
    assertThat(authorities).isEmpty();
}

Example 30 with Jwt

use of org.springframework.security.oauth2.jwt.Jwt in project spring-security by spring-projects.

the class JwtGrantedAuthoritiesConverterTests method convertWhenTokenHasEmptyScopeAndEmptyScpAttributeThenTranslatesToNoAuthorities.

@Test
public void convertWhenTokenHasEmptyScopeAndEmptyScpAttributeThenTranslatesToNoAuthorities() {
    // @formatter:off
    Jwt jwt = TestJwts.jwt().claim("scp", Collections.emptyList()).claim("scope", Collections.emptyList()).build();
    // @formatter:on
    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
    assertThat(authorities).isEmpty();
}

Aggregations

Test (org.junit.jupiter.api.Test)139 Jwt (org.springframework.security.oauth2.jwt.Jwt)83 GrantedAuthority (org.springframework.security.core.GrantedAuthority)47 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)37 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)36 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)36 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)30 Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)29 BeforeEach (org.junit.jupiter.api.BeforeEach)29 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)27 TestClientRegistrations (org.springframework.security.oauth2.client.registration.TestClientRegistrations)24 Instant (java.time.Instant)23 HttpHeaders (org.springframework.http.HttpHeaders)22 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)22 JwtDecoder (org.springframework.security.oauth2.jwt.JwtDecoder)22 Collections (java.util.Collections)21 MediaType (org.springframework.http.MediaType)21 NimbusJwtDecoder (org.springframework.security.oauth2.jwt.NimbusJwtDecoder)21 MockWebServer (okhttp3.mockwebserver.MockWebServer)20 OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error)20