Search in sources :

Example 6 with CustomOAuth2Authentication

use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.

the class JdbcAuthorizationCodeServicesTests method testCustomImplementationWithCustomStrategy.

@Test
public void testCustomImplementationWithCustomStrategy() {
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(storedOAuth2Request, new CustomAuthentication("test3", false));
    AuthorizationCodeServices jdbcAuthorizationCodeServices = getAuthorizationCodeServices();
    List<String> allowedClasses = new ArrayList<String>();
    allowedClasses.add("java.util.");
    allowedClasses.add("org.springframework.security.");
    allowedClasses.add("org.company.oauth2.CustomOAuth2AccessToken");
    allowedClasses.add("org.company.oauth2.CustomOAuth2Authentication");
    allowedClasses.add("org.company.oauth2.CustomAuthentication");
    WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy(allowedClasses);
    SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
    try {
        SerializationUtils.setSerializationStrategy(newStrategy);
        String code = jdbcAuthorizationCodeServices.createAuthorizationCode(expectedAuthentication);
        assertNotNull(code);
        OAuth2Authentication actualAuthentication = getAuthorizationCodeServices().consumeAuthorizationCode(code);
        assertEquals(expectedAuthentication, actualAuthentication);
    } finally {
        SerializationUtils.setSerializationStrategy(oldStrategy);
    }
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) ArrayList(java.util.ArrayList) SerializationStrategy(org.springframework.security.oauth2.common.util.SerializationStrategy) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) CustomAuthentication(org.company.oauth2.CustomAuthentication) Test(org.junit.Test)

Example 7 with CustomOAuth2Authentication

use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.

the class JdbcAuthorizationCodeServicesTests method testNotAllowedCustomImplementation.

@Test(expected = IllegalArgumentException.class)
public void testNotAllowedCustomImplementation() {
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(storedOAuth2Request, new CustomAuthentication("test2", false));
    WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy();
    SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
    try {
        SerializationUtils.setSerializationStrategy(newStrategy);
        String code = getAuthorizationCodeServices().createAuthorizationCode(expectedAuthentication);
        assertNotNull(code);
        getAuthorizationCodeServices().consumeAuthorizationCode(code);
    } finally {
        SerializationUtils.setSerializationStrategy(oldStrategy);
    }
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) SerializationStrategy(org.springframework.security.oauth2.common.util.SerializationStrategy) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) CustomAuthentication(org.company.oauth2.CustomAuthentication) Test(org.junit.Test)

Example 8 with CustomOAuth2Authentication

use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.

the class CustomSerializationStrategyTests method loadCustomSerializationStrategy.

@Test
public void loadCustomSerializationStrategy() {
    spy(SpringFactoriesLoader.class);
    when(SpringFactoriesLoader.loadFactories(SerializationStrategy.class, SerializationUtils.class.getClassLoader())).thenReturn(Arrays.<SerializationStrategy>asList(new CustomSerializationStrategy()));
    deserialize(new DefaultOAuth2AccessToken("access-token-" + UUID.randomUUID()));
    deserialize(new OAuth2Authentication(new OAuth2Request(Collections.<String, String>emptyMap(), "clientId", Collections.<GrantedAuthority>emptyList(), false, Collections.<String>emptySet(), new HashSet<String>(Arrays.asList("resourceId-1", "resourceId-2")), "redirectUri", Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap()), new UsernamePasswordAuthenticationToken("test", "N/A")));
    deserialize(new DefaultExpiringOAuth2RefreshToken("access-token-" + UUID.randomUUID(), new Date()));
    deserialize("xyz");
    deserialize(new HashMap<String, String>());
    deserialize(new CustomOAuth2AccessToken("xyz"));
    deserialize(new CustomOAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new CustomAuthentication("test", false)));
}
Also used : CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) CustomAuthentication(org.company.oauth2.CustomAuthentication) Test(org.junit.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Aggregations

CustomOAuth2Authentication (org.company.oauth2.CustomOAuth2Authentication)8 Test (org.junit.Test)8 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)8 CustomAuthentication (org.company.oauth2.CustomAuthentication)5 CustomOAuth2AccessToken (org.company.oauth2.CustomOAuth2AccessToken)5 SerializationStrategy (org.springframework.security.oauth2.common.util.SerializationStrategy)5 WhitelistedSerializationStrategy (org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy)5 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)5 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)4 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)4 ArrayList (java.util.ArrayList)2 DefaultSerializationStrategy (org.springframework.security.oauth2.common.util.DefaultSerializationStrategy)2 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)1 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)1 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)1