Example 1 with Token
use of com.sap.cloud.security.xsuaa.token.Token in project cloud-security-xsuaa-integration by SAP.
the class InitializeSpringSecurityContextTest method initializeSecurityContext_succeeds.
@Test
public void initializeSecurityContext_succeeds() {
String jwt = new JwtGenerator(clientId, "subdomain").addScopes("openid", appId + ".Display", "otherXSAPP.Display").deriveAudiences(true).getToken().getTokenValue();
assertThat(SecurityContextHolder.getContext().getAuthentication(), is(nullValue()));
SpringSecurityContext.init(jwt, jwtDecoder, new LocalAuthoritiesExtractor(appId));
// test authentication - isAuthenticated()
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
assertThat(authentication, is(notNullValue()));
assertThat(authentication.isAuthenticated(), is(true));
// test authorities
Collection<GrantedAuthority> authorities = (Collection<GrantedAuthority>) authentication.getAuthorities();
Assert.assertThat(authorities.size(), is(1));
Assert.assertThat(authorities, hasItem(new SimpleGrantedAuthority("Display")));
Assert.assertThat(authorities, not(hasItem(new SimpleGrantedAuthority("Other"))));
// test principal (Token)
Token token = (Token) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
assertThat(token.getAuthorities(), is(authorities));
assertThat(token.getClientId(), is(clientId));
}
Also used :
JwtGenerator(com.sap.cloud.security.xsuaa.test.JwtGenerator)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
LocalAuthoritiesExtractor(com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor)
Authentication(org.springframework.security.core.Authentication)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
Collection(java.util.Collection)
Token(com.sap.cloud.security.xsuaa.token.Token)
Test(org.junit.Test)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Aggregations
LocalAuthoritiesExtractor (com.sap.cloud.security.xsuaa.extractor.LocalAuthoritiesExtractor)1
JwtGenerator (com.sap.cloud.security.xsuaa.test.JwtGenerator)1
Token (com.sap.cloud.security.xsuaa.token.Token)1
Collection (java.util.Collection)1
Test (org.junit.Test)1
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)1
Authentication (org.springframework.security.core.Authentication)1
GrantedAuthority (org.springframework.security.core.GrantedAuthority)1
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)1
