Search in sources :

Example 56 with Authentication

use of org.springframework.security.core.Authentication in project spring-security-oauth by spring-projects.

the class OAuth2SecurityExpressionMethodsTests method testInsufficientScope.

@Test(expected = AccessDeniedException.class)
public void testInsufficientScope() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    OAuth2SecurityExpressionMethods root = new OAuth2SecurityExpressionMethods(oAuth2Authentication);
    boolean hasAnyScope = root.hasAnyScope("foo");
    root.throwOnError(hasAnyScope);
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 57 with Authentication

use of org.springframework.security.core.Authentication in project spring-security-oauth by spring-projects.

the class OAuth2SecurityExpressionMethodsTests method testScopesWithException.

@Test(expected = AccessDeniedException.class)
public void testScopesWithException() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    OAuth2SecurityExpressionMethods root = new OAuth2SecurityExpressionMethods(oAuth2Authentication);
    boolean hasAnyScope = root.hasAnyScope("foo");
    assertFalse(root.throwOnError(hasAnyScope));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 58 with Authentication

use of org.springframework.security.core.Authentication in project spring-security-oauth by spring-projects.

the class OAuth2SecurityExpressionMethodsTests method testSufficientScope.

@Test
public void testSufficientScope() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).hasAnyScope("read"));
    assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).throwOnError(true));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 59 with Authentication

use of org.springframework.security.core.Authentication in project spring-security-oauth by spring-projects.

the class OAuth2SecurityExpressionMethodsTests method testScopesFalse.

@Test
public void testScopesFalse() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    OAuth2SecurityExpressionMethods root = new OAuth2SecurityExpressionMethods(oAuth2Authentication);
    assertFalse(root.hasAnyScope("write"));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 60 with Authentication

use of org.springframework.security.core.Authentication in project spring-security-oauth by spring-projects.

the class OAuth2WebSecurityExpressionHandlerTests method testScopes.

@Test
public void testScopes() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    FilterInvocation invocation = new FilterInvocation("/foo", "GET");
    Expression expression = handler.getExpressionParser().parseExpression("#oauth2.hasAnyScope('read')");
    assertTrue((Boolean) expression.getValue(handler.createEvaluationContext(oAuth2Authentication, invocation)));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) Expression(org.springframework.expression.Expression) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) FilterInvocation(org.springframework.security.web.FilterInvocation) Test(org.junit.Test)

Aggregations

Authentication (org.springframework.security.core.Authentication)498 Test (org.junit.Test)192 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)114 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)98 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)75 SecurityContext (org.springframework.security.core.context.SecurityContext)63 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)57 GrantedAuthority (org.springframework.security.core.GrantedAuthority)50 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)47 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)42 MifosUser (org.mifos.security.MifosUser)38 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)34 HttpServletRequest (javax.servlet.http.HttpServletRequest)32 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)32 AuthenticationException (org.springframework.security.core.AuthenticationException)31 UserDetails (org.springframework.security.core.userdetails.UserDetails)31 MifosUserBuilder (org.mifos.builders.MifosUserBuilder)29 HashMap (java.util.HashMap)27 HttpServletResponse (javax.servlet.http.HttpServletResponse)27 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)25