use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.
the class BasicAuthenticationFilterTests method setUp.
// ~ Methods
// ========================================================================================================
@Before
public void setUp() throws Exception {
SecurityContextHolder.clearContext();
UsernamePasswordAuthenticationToken rodRequest = new UsernamePasswordAuthenticationToken("rod", "koala");
rodRequest.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
Authentication rod = new UsernamePasswordAuthenticationToken("rod", "koala", AuthorityUtils.createAuthorityList("ROLE_1"));
manager = mock(AuthenticationManager.class);
when(manager.authenticate(rodRequest)).thenReturn(rod);
when(manager.authenticate(not(eq(rodRequest)))).thenThrow(new BadCredentialsException(""));
filter = new BasicAuthenticationFilter(manager, new BasicAuthenticationEntryPoint());
}
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.
the class PreAuthenticatedAuthenticationProviderTests method authenticateInvalidToken.
@Test
public final void authenticateInvalidToken() throws Exception {
UserDetails ud = new User("dummyUser", "dummyPwd", true, true, true, true, AuthorityUtils.NO_AUTHORITIES);
PreAuthenticatedAuthenticationProvider provider = getProvider(ud);
Authentication request = new UsernamePasswordAuthenticationToken("dummyUser", "dummyPwd");
Authentication result = provider.authenticate(request);
assertThat(result).isNull();
}
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.
the class TokenEndpointAuthenticationFilterTests method testPasswordGrantWithUnAuthenticatedClient.
@Test
public void testPasswordGrantWithUnAuthenticatedClient() throws Exception {
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("client", "secret"));
request.setParameter("grant_type", "password");
Mockito.when(authenticationManager.authenticate(Mockito.<Authentication>any())).thenReturn(new UsernamePasswordAuthenticationToken("foo", "bar", AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER")));
TokenEndpointAuthenticationFilter filter = new TokenEndpointAuthenticationFilter(authenticationManager, oAuth2RequestFactory);
filter.doFilter(request, response, chain);
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
assertTrue(authentication instanceof OAuth2Authentication);
assertFalse(authentication.isAuthenticated());
}
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.
the class TokenEndpointTests method testGetAccessTokenWithNoClientId.
@Test
public void testGetAccessTokenWithNoClientId() throws HttpRequestMethodNotSupportedException {
HashMap<String, String> parameters = new HashMap<String, String>();
parameters.put(OAuth2Utils.GRANT_TYPE, "authorization_code");
OAuth2AccessToken expectedToken = new DefaultOAuth2AccessToken("FOO");
when(tokenGranter.grant(Mockito.eq("authorization_code"), Mockito.any(TokenRequest.class))).thenReturn(expectedToken);
@SuppressWarnings("unchecked") Map<String, String> anyMap = Mockito.any(Map.class);
when(authorizationRequestFactory.createTokenRequest(anyMap, Mockito.any(ClientDetails.class))).thenReturn(createFromParameters(parameters));
clientAuthentication = new UsernamePasswordAuthenticationToken(null, null, Collections.singleton(new SimpleGrantedAuthority("ROLE_CLIENT")));
ResponseEntity<OAuth2AccessToken> response = endpoint.postAccessToken(clientAuthentication, parameters);
assertNotNull(response);
assertEquals(HttpStatus.OK, response.getStatusCode());
OAuth2AccessToken body = response.getBody();
assertEquals(body, expectedToken);
assertTrue("Wrong body: " + body, body.getTokenType() != null);
}
use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security-oauth by spring-projects.
the class OAuth2MethodSecurityExpressionHandlerTests method testNonOauthClient.
@Test
public void testNonOauthClient() throws Exception {
Authentication clientAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar");
MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testNonOauthClient"));
EvaluationContext context = handler.createEvaluationContext(clientAuthentication, invocation);
Expression expression = handler.getExpressionParser().parseExpression("#oauth2.clientHasAnyRole()");
assertFalse((Boolean) expression.getValue(context));
}
Aggregations