use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.
the class JdbcAuthorizationCodeServicesTests method testCustomImplementationWithCustomStrategy.
@Test
public void testCustomImplementationWithCustomStrategy() {
OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(storedOAuth2Request, new CustomAuthentication("test3", false));
AuthorizationCodeServices jdbcAuthorizationCodeServices = getAuthorizationCodeServices();
List<String> allowedClasses = new ArrayList<String>();
allowedClasses.add("java.util.");
allowedClasses.add("org.springframework.security.");
allowedClasses.add("org.company.oauth2.CustomOAuth2AccessToken");
allowedClasses.add("org.company.oauth2.CustomOAuth2Authentication");
allowedClasses.add("org.company.oauth2.CustomAuthentication");
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy(allowedClasses);
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
String code = jdbcAuthorizationCodeServices.createAuthorizationCode(expectedAuthentication);
assertNotNull(code);
OAuth2Authentication actualAuthentication = getAuthorizationCodeServices().consumeAuthorizationCode(code);
assertEquals(expectedAuthentication, actualAuthentication);
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.
the class JdbcAuthorizationCodeServicesTests method testNotAllowedCustomImplementation.
@Test(expected = IllegalArgumentException.class)
public void testNotAllowedCustomImplementation() {
OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(storedOAuth2Request, new CustomAuthentication("test2", false));
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy();
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
String code = getAuthorizationCodeServices().createAuthorizationCode(expectedAuthentication);
assertNotNull(code);
getAuthorizationCodeServices().consumeAuthorizationCode(code);
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.
the class CustomSerializationStrategyTests method loadCustomSerializationStrategy.
@Test
public void loadCustomSerializationStrategy() {
spy(SpringFactoriesLoader.class);
when(SpringFactoriesLoader.loadFactories(SerializationStrategy.class, SerializationUtils.class.getClassLoader())).thenReturn(Arrays.<SerializationStrategy>asList(new CustomSerializationStrategy()));
deserialize(new DefaultOAuth2AccessToken("access-token-" + UUID.randomUUID()));
deserialize(new OAuth2Authentication(new OAuth2Request(Collections.<String, String>emptyMap(), "clientId", Collections.<GrantedAuthority>emptyList(), false, Collections.<String>emptySet(), new HashSet<String>(Arrays.asList("resourceId-1", "resourceId-2")), "redirectUri", Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap()), new UsernamePasswordAuthenticationToken("test", "N/A")));
deserialize(new DefaultExpiringOAuth2RefreshToken("access-token-" + UUID.randomUUID(), new Date()));
deserialize("xyz");
deserialize(new HashMap<String, String>());
deserialize(new CustomOAuth2AccessToken("xyz"));
deserialize(new CustomOAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new CustomAuthentication("test", false)));
}
Aggregations