Search in sources :

Example 56 with MethodInvocation

use of org.aopalliance.intercept.MethodInvocation in project spring-security-oauth by spring-projects.

the class OAuth2MethodSecurityExpressionHandlerTests method testScopesInsufficient.

@Test(expected = AccessDeniedException.class)
public void testScopesInsufficient() throws Exception {
    AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
    request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "", "client_credentials", "ROLE_CLIENT"));
    OAuth2Request clientAuthentication = request.createOAuth2Request();
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("user", "pass", AuthorityUtils.createAuthorityList("ROLE_USER"));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testOauthClient"));
    EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
    Expression expression = handler.getExpressionParser().parseExpression("#oauth2.hasAnyScope('write')");
    expression.getValue(context);
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) Expression(org.springframework.expression.Expression) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) MethodInvocation(org.aopalliance.intercept.MethodInvocation) EvaluationContext(org.springframework.expression.EvaluationContext) Test(org.junit.Test)

Example 57 with MethodInvocation

use of org.aopalliance.intercept.MethodInvocation in project spring-security-oauth by spring-projects.

the class OAuth2MethodSecurityExpressionHandlerTests method testStandardSecurityRoot.

@Test
public void testStandardSecurityRoot() throws Exception {
    Authentication clientAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar", null);
    assertTrue(clientAuthentication.isAuthenticated());
    MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testStandardSecurityRoot"));
    EvaluationContext context = handler.createEvaluationContext(clientAuthentication, invocation);
    Expression expression = handler.getExpressionParser().parseExpression("isAuthenticated()");
    assertTrue((Boolean) expression.getValue(context));
}
Also used : SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) Expression(org.springframework.expression.Expression) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) MethodInvocation(org.aopalliance.intercept.MethodInvocation) EvaluationContext(org.springframework.expression.EvaluationContext) Test(org.junit.Test)

Example 58 with MethodInvocation

use of org.aopalliance.intercept.MethodInvocation in project spring-security-oauth by spring-projects.

the class OAuth2MethodSecurityExpressionHandlerTests method testReEvaluationWithDifferentRoot.

@Test
public void testReEvaluationWithDifferentRoot() throws Exception {
    Expression expression = handler.getExpressionParser().parseExpression("#oauth2.isClient()");
    MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testNonOauthClient"));
    Authentication clientAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar");
    EvaluationContext context = handler.createEvaluationContext(clientAuthentication, invocation);
    assertFalse((Boolean) expression.getValue(context));
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(storedOAuth2Request, null);
    EvaluationContext anotherContext = handler.createEvaluationContext(oAuth2Authentication, invocation);
    assertTrue((Boolean) expression.getValue(anotherContext));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) Expression(org.springframework.expression.Expression) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) MethodInvocation(org.aopalliance.intercept.MethodInvocation) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) EvaluationContext(org.springframework.expression.EvaluationContext) Test(org.junit.Test)

Example 59 with MethodInvocation

use of org.aopalliance.intercept.MethodInvocation in project spring-framework by spring-projects.

the class ThrowsAdviceInterceptorTests method testNotInvoked.

@Test
public void testNotInvoked() throws Throwable {
    MyThrowsHandler th = new MyThrowsHandler();
    ThrowsAdviceInterceptor ti = new ThrowsAdviceInterceptor(th);
    Object ret = new Object();
    MethodInvocation mi = mock(MethodInvocation.class);
    given(mi.proceed()).willReturn(ret);
    assertEquals(ret, ti.invoke(mi));
    assertEquals(0, th.getCalls());
}
Also used : MethodInvocation(org.aopalliance.intercept.MethodInvocation) Test(org.junit.Test)

Example 60 with MethodInvocation

use of org.aopalliance.intercept.MethodInvocation in project spring-framework by spring-projects.

the class ThrowsAdviceInterceptorTests method testCorrectHandlerUsed.

@Test
public void testCorrectHandlerUsed() throws Throwable {
    MyThrowsHandler th = new MyThrowsHandler();
    ThrowsAdviceInterceptor ti = new ThrowsAdviceInterceptor(th);
    FileNotFoundException ex = new FileNotFoundException();
    MethodInvocation mi = mock(MethodInvocation.class);
    given(mi.getMethod()).willReturn(Object.class.getMethod("hashCode"));
    given(mi.getThis()).willReturn(new Object());
    given(mi.proceed()).willThrow(ex);
    try {
        ti.invoke(mi);
        fail();
    } catch (Exception caught) {
        assertEquals(ex, caught);
    }
    assertEquals(1, th.getCalls());
    assertEquals(1, th.getCalls("ioException"));
}
Also used : FileNotFoundException(java.io.FileNotFoundException) MethodInvocation(org.aopalliance.intercept.MethodInvocation) IOException(java.io.IOException) FileNotFoundException(java.io.FileNotFoundException) ConnectException(java.rmi.ConnectException) RemoteException(java.rmi.RemoteException) Test(org.junit.Test)

Aggregations

MethodInvocation (org.aopalliance.intercept.MethodInvocation)84 Test (org.junit.Test)59 SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)22 MethodInterceptor (org.aopalliance.intercept.MethodInterceptor)15 ITestBean (org.springframework.tests.sample.beans.ITestBean)13 Method (java.lang.reflect.Method)11 Log (org.apache.commons.logging.Log)9 EvaluationContext (org.springframework.expression.EvaluationContext)9 Expression (org.springframework.expression.Expression)9 PreInvocationExpressionAttribute (org.springframework.security.access.expression.method.PreInvocationExpressionAttribute)9 Authentication (org.springframework.security.core.Authentication)9 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)9 TestBean (org.springframework.tests.sample.beans.TestBean)9 IOException (java.io.IOException)8 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)7 FileNotFoundException (java.io.FileNotFoundException)6 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)5 AccessibleObject (java.lang.reflect.AccessibleObject)4 ConnectException (java.rmi.ConnectException)4 RemoteException (java.rmi.RemoteException)4