Example 1 with JwtGenerator

Use of com.sap.cloud.security.xsuaa.test.JwtGenerator in project cloud-security-xsuaa-integration by SAP, in the class TokenAuthenticationConverterTest, method extractAuthoritiesIgnoresForeignScopes.

@Test
public void extractAuthoritiesIgnoresForeignScopes() {
    Jwt jwt = new JwtGenerator().addScopes(scopeAdmin, scopeOther, scopeRead).getToken();
    AbstractAuthenticationToken authenticationToken = tokenConverterLocalScopesOnly.convert(jwt);
    assertThat(authenticationToken.getAuthorities().size(), is(2));
    assertThat(authenticationToken.getAuthorities(), not(hasItem(new SimpleGrantedAuthority("Other"))));
}
Also used: JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator), AbstractAuthenticationToken (org.springframework.security.authentication.AbstractAuthenticationToken), SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority), Jwt (org.springframework.security.oauth2.jwt.Jwt), Test (org.junit.Test)

Example 2 with JwtGenerator

Use of com.sap.cloud.security.xsuaa.test.JwtGenerator in project cloud-security-xsuaa-integration by SAP, in the class TokenAuthenticationConverterTest, method authoritiesHaveLocalScopesWithoutAppIdPrefix.

@Test
public void authoritiesHaveLocalScopesWithoutAppIdPrefix() {
    String scopeWithNamespace = xsAppName + ".iot.Delete";
    String scopeWithOtherAppId = "anyAppId!t200." + xsAppName + ".Delete";
    Jwt jwt = new JwtGenerator().addScopes(xsAppName + "." + scopeAdmin, scopeRead, scopeWithNamespace, scopeWithOtherAppId).getToken();
    AbstractAuthenticationToken authenticationToken = tokenConverterLocalScopesOnly.convert(jwt);
    assertThat(authenticationToken.getAuthorities().size(), is(3));
    assertThat(authenticationToken.getAuthorities(), hasItem(new SimpleGrantedAuthority(scopeAdmin)));
    assertThat(authenticationToken.getAuthorities(), hasItem(new SimpleGrantedAuthority("iot.Delete")));
    assertThat(authenticationToken.getAuthorities(), hasItem(new SimpleGrantedAuthority("Read")));
}
Also used: JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator), AbstractAuthenticationToken (org.springframework.security.authentication.AbstractAuthenticationToken), SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority), Jwt (org.springframework.security.oauth2.jwt.Jwt), Test (org.junit.Test)

Example 3 with JwtGenerator

Use of com.sap.cloud.security.xsuaa.test.JwtGenerator in project cloud-security-xsuaa-integration by SAP, in the class TokenAuthenticationConverterTest, method extractAuthoritiesWithScopes.

@Test
public void extractAuthoritiesWithScopes() {
    Jwt jwt = new JwtGenerator().addScopes(scopeAdmin, scopeRead, scopeOther).getToken();
    AbstractAuthenticationToken authenticationToken = tokenConverterDefault.convert(jwt);
    assertThat(authenticationToken.getAuthorities().size(), is(3));
    assertThat(authenticationToken.getAuthorities(), hasItem(new SimpleGrantedAuthority(scopeRead)));
    assertThat(authenticationToken.getAuthorities(), hasItem(new SimpleGrantedAuthority(scopeAdmin)));
    assertThat(authenticationToken.getAuthorities(), hasItem(new SimpleGrantedAuthority(scopeOther)));
}
Also used: JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator), AbstractAuthenticationToken (org.springframework.security.authentication.AbstractAuthenticationToken), SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority), Jwt (org.springframework.security.oauth2.jwt.Jwt), Test (org.junit.Test)

Example 4 with JwtGenerator

Use of com.sap.cloud.security.xsuaa.test.JwtGenerator in project cloud-security-xsuaa-integration by SAP, in the class XsuaaAudienceValidatorTest, method setup.

@Before
public void setup() throws IOException {
    serviceConfigurationSameClientId = new DummyXsuaaServiceConfiguration("sb-test1!t1", "test1!t1");
    serviceConfigurationOtherGrantedClientId = new DummyXsuaaServiceConfiguration("sb-test2!t1", "test2!t1");
    serviceConfigurationUnGrantedClientId = new DummyXsuaaServiceConfiguration("sb-test3!t1", "test3!t1");
    serviceConfigurationBrokerPlan = new DummyXsuaaServiceConfiguration("sb-test3!b1", "test3!b1");
    tokenWithAudience = new JwtGenerator().createFromTemplate("/audience_1.txt");
    tokenWithoutAudience = new JwtGenerator().createFromTemplate("/audience_2.txt");
    cloneTokenWithAudience = new JwtGenerator().createFromTemplate("/audience_3.txt");
    claimsBuilder = new JWTClaimsSet.Builder().issueTime(new Date()).expirationTime(JwtGenerator.NO_EXPIRE_DATE);
    claimsBuilder.claim(TokenClaims.CLAIM_CLIENT_ID, "sb-test1!t1");
}
Also used: JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator), JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet), Date (java.util.Date), DummyXsuaaServiceConfiguration (com.sap.cloud.security.xsuaa.DummyXsuaaServiceConfiguration), Before (org.junit.Before)

Example 5 with JwtGenerator

Use of com.sap.cloud.security.xsuaa.test.JwtGenerator in project cloud-security-xsuaa-integration by SAP, in the class TestControllerTest, method unauthorizedRequest.

@Test
public void unauthorizedRequest() {
    JwtGenerator jwtGenerator = new JwtGenerator("WrongClientId");
    webClient.method(HttpMethod.GET)
            .uri("/v1/sayHello")
            .contentType(MediaType.APPLICATION_JSON_UTF8)
            .header(HttpHeaders.AUTHORIZATION, jwtGenerator.getTokenForAuthorizationHeader())
            .exchange()
            .expectStatus().isUnauthorized();
}
Also used: JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator), Test (org.junit.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Aggregations

JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator): 18
Test (org.junit.Test): 16
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 8
Jwt (org.springframework.security.oauth2.jwt.Jwt): 8
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 6
AbstractAuthenticationToken (org.springframework.security.authentication.AbstractAuthenticationToken): 5
LocalAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor): 2
Date (java.util.Date): 2
Before (org.junit.Before): 2
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet): 1
DummyXsuaaServiceConfiguration (com.sap.cloud.security.xsuaa.DummyXsuaaServiceConfiguration): 1
DefaultAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.DefaultAuthoritiesExtractor): 1
Token (com.sap.cloud.security.xsuaa.token.Token): 1
Instant (java.time.Instant): 1
Collection (java.util.Collection): 1
HashMap (java.util.HashMap): 1
Map (java.util.Map): 1
CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString): 1
Ignore (org.junit.Ignore): 1
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken): 1