
Example 6 with MockServerWebExchange

Use of org.springframework.mock.web.server.MockServerWebExchange in the spring-security project by spring-projects: class OAuth2AuthorizationCodeGrantWebFilterTests, method filterWhenAuthenticationManagerThrowsOAuth2AuthorizationExceptionThenMappedToOAuth2AuthenticationException.

// gh-8609
@Test
public void filterWhenAuthenticationManagerThrowsOAuth2AuthorizationExceptionThenMappedToOAuth2AuthenticationException() {
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
    given(this.clientRegistrationRepository.findByRegistrationId(any())).willReturn(Mono.just(clientRegistration));
    // A previously stored authorization request and the matching callback from the authorization server
    MockServerHttpRequest authorizationRequest = createAuthorizationRequest("/authorization/callback");
    OAuth2AuthorizationRequest oauth2AuthorizationRequest = createOAuth2AuthorizationRequest(authorizationRequest, clientRegistration);
    given(this.authorizationRequestRepository.loadAuthorizationRequest(any())).willReturn(Mono.just(oauth2AuthorizationRequest));
    given(this.authorizationRequestRepository.removeAuthorizationRequest(any())).willReturn(Mono.just(oauth2AuthorizationRequest));
    // The authentication manager fails with an OAuth2AuthorizationException, as it does when the code-for-token exchange fails
    given(this.authenticationManager.authenticate(any())).willReturn(Mono.error(new OAuth2AuthorizationException(new OAuth2Error("authorization_error"))));
    MockServerHttpRequest authorizationResponse = createAuthorizationResponse(authorizationRequest);
    MockServerWebExchange exchange = MockServerWebExchange.from(authorizationResponse);
    DefaultWebFilterChain chain = new DefaultWebFilterChain((e) -> e.getResponse().setComplete(), Collections.emptyList());
    // The filter must surface it as an OAuth2AuthenticationException that still carries the original error code
    assertThatExceptionOfType(OAuth2AuthenticationException.class)
            .isThrownBy(() -> this.filter.filter(exchange, chain).block())
            .satisfies((ex) -> assertThat(ex.getError()).extracting("errorCode").isEqualTo("authorization_error"));
}

Example 7 with MockServerWebExchange

Use of org.springframework.mock.web.server.MockServerWebExchange in the spring-security project by spring-projects: class OAuth2AuthorizationCodeGrantWebFilterTests, method filterWhenNotMatchThenAuthenticationManagerNotCalled.

@Test
public void filterWhenNotMatchThenAuthenticationManagerNotCalled() {
    // A request to a path that is not the authorization callback must pass through untouched
    MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/"));
    DefaultWebFilterChain chain = new DefaultWebFilterChain((e) -> e.getResponse().setComplete(), Collections.emptyList());
    this.filter.filter(exchange, chain).block();
    // No authentication attempt may be made for a non-matching request
    verifyNoInteractions(this.authenticationManager);
}

Example 8 with MockServerWebExchange

Use of org.springframework.mock.web.server.MockServerWebExchange in the spring-security project by spring-projects: class OAuth2AuthorizationCodeGrantWebFilterTests, method filterWhenMatchThenAuthorizedClientSaved.

@Test
public void filterWhenMatchThenAuthorizedClientSaved() {
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
    given(this.clientRegistrationRepository.findByRegistrationId(any())).willReturn(Mono.just(clientRegistration));
    // A previously stored authorization request and the matching callback from the authorization server
    MockServerHttpRequest authorizationRequest = createAuthorizationRequest("/authorization/callback");
    OAuth2AuthorizationRequest oauth2AuthorizationRequest = createOAuth2AuthorizationRequest(authorizationRequest, clientRegistration);
    given(this.authorizationRequestRepository.loadAuthorizationRequest(any())).willReturn(Mono.just(oauth2AuthorizationRequest));
    given(this.authorizationRequestRepository.removeAuthorizationRequest(any())).willReturn(Mono.just(oauth2AuthorizationRequest));
    given(this.authorizedClientRepository.saveAuthorizedClient(any(), any(), any())).willReturn(Mono.empty());
    // The authentication manager succeeds and returns an authenticated authorization-code token
    given(this.authenticationManager.authenticate(any())).willReturn(Mono.just(TestOAuth2AuthorizationCodeAuthenticationTokens.authenticated()));
    MockServerHttpRequest authorizationResponse = createAuthorizationResponse(authorizationRequest);
    MockServerWebExchange exchange = MockServerWebExchange.from(authorizationResponse);
    DefaultWebFilterChain chain = new DefaultWebFilterChain((e) -> e.getResponse().setComplete(), Collections.emptyList());
    this.filter.filter(exchange, chain).block();
    // With no authenticated user in the security context, the client is saved against the anonymous principal
    verify(this.authorizedClientRepository).saveAuthorizedClient(any(), any(AnonymousAuthenticationToken.class), any());
}

Example 9 with MockServerWebExchange

Use of org.springframework.mock.web.server.MockServerWebExchange in the spring-security project by spring-projects: class SwitchUserWebFilterTests, method setExitUserUrlWhenDefinedThenChangeDefaultValue.

@Test
public void setExitUserUrlWhenDefinedThenChangeDefaultValue() {
    // The default exit-user matcher accepts POST /logout/impersonate
    final MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.post("/logout/impersonate"));
    final ServerWebExchangeMatcher oldExitUserMatcher = (ServerWebExchangeMatcher) ReflectionTestUtils.getField(this.switchUserWebFilter, "exitUserMatcher");
    assertThat(oldExitUserMatcher.matches(exchange).block().isMatch()).isTrue();
    // After configuring a custom URL, the filter's matcher is replaced and accepts POST /exit-url instead
    this.switchUserWebFilter.setExitUserUrl("/exit-url");
    final MockServerWebExchange newExchange = MockServerWebExchange.from(MockServerHttpRequest.post("/exit-url"));
    final ServerWebExchangeMatcher newExitUserMatcher = (ServerWebExchangeMatcher) ReflectionTestUtils.getField(this.switchUserWebFilter, "exitUserMatcher");
    assertThat(newExitUserMatcher.matches(newExchange).block().isMatch()).isTrue();
}

Example 10 with MockServerWebExchange

Use of org.springframework.mock.web.server.MockServerWebExchange in the spring-security project by spring-projects: class SwitchUserWebFilterTests, method switchUser.

@Test
public void switchUser() {
    final String targetUsername = "TEST_USERNAME";
    final UserDetails switchUserDetails = switchUserDetails(targetUsername, true);
    // POST /login/impersonate?username=TEST_USERNAME issued by an already authenticated principal
    final MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.post("/login/impersonate?username={targetUser}", targetUsername));
    final WebFilterChain chain = mock(WebFilterChain.class);
    final Authentication originalAuthentication = new UsernamePasswordAuthenticationToken("principal", "credentials");
    final SecurityContextImpl securityContext = new SecurityContextImpl(originalAuthentication);
    given(this.userDetailsService.findByUsername(targetUsername)).willReturn(Mono.just(switchUserDetails));
    given(this.serverSecurityContextRepository.save(eq(exchange), any(SecurityContext.class))).willReturn(Mono.empty());
    given(this.successHandler.onAuthenticationSuccess(any(WebFilterExchange.class), any(Authentication.class))).willReturn(Mono.empty());
    // Run the filter with the original user's security context in the Reactor context
    this.switchUserWebFilter.filter(exchange, chain).subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))).block();
    // The switch request is handled by the filter itself, not passed down the chain
    verifyNoInteractions(chain);
    verify(this.userDetailsService).findByUsername(targetUsername);
    // Capture the security context that was persisted and the authentication handed to the success handler
    final ArgumentCaptor<SecurityContext> securityContextCaptor = ArgumentCaptor.forClass(SecurityContext.class);
    verify(this.serverSecurityContextRepository).save(eq(exchange), securityContextCaptor.capture());
    final SecurityContext savedSecurityContext = securityContextCaptor.getValue();
    final ArgumentCaptor<Authentication> authenticationCaptor = ArgumentCaptor.forClass(Authentication.class);
    verify(this.successHandler).onAuthenticationSuccess(any(WebFilterExchange.class), authenticationCaptor.capture());
    final Authentication switchUserAuthentication = authenticationCaptor.getValue();
    // Both must be the same object: the new authentication is for the target user ...
    assertThat(switchUserAuthentication).isSameAs(savedSecurityContext.getAuthentication());
    assertThat(switchUserAuthentication.getName()).isEqualTo(targetUsername);
    // ... and carries a SwitchUserGrantedAuthority with ROLE_PREVIOUS_ADMINISTRATOR that records the original principal
    assertThat(switchUserAuthentication.getAuthorities()).anyMatch(SwitchUserGrantedAuthority.class::isInstance);
    assertThat(switchUserAuthentication.getAuthorities()).anyMatch((a) -> a.getAuthority().contains(SwitchUserWebFilter.ROLE_PREVIOUS_ADMINISTRATOR));
    assertThat(switchUserAuthentication.getAuthorities().stream()
            .filter((a) -> a instanceof SwitchUserGrantedAuthority)
            .map((a) -> ((SwitchUserGrantedAuthority) a).getSource())
            .map(Principal::getName))
            .contains(originalAuthentication.getName());
}
