Example 1 with ClientAuthorizationRequiredException

use of org.springframework.security.oauth2.client.ClientAuthorizationRequiredException in project spring-security by spring-projects.

the class OAuth2AuthorizationRequestRedirectWebFilterTests method filterWhenExceptionThenRedirected.

@Test
public void filterWhenExceptionThenRedirected() {
    given(this.clientRepository.findByRegistrationId(this.registration.getRegistrationId())).willReturn(Mono.just(this.registration));
    given(this.authzRequestRepository.saveAuthorizationRequest(any(), any())).willReturn(Mono.empty());
    FilteringWebHandler webHandler = new FilteringWebHandler((e) -> Mono.error(new ClientAuthorizationRequiredException(this.registration.getRegistrationId())), Arrays.asList(this.filter));
    // @formatter:off
    this.client = WebTestClient.bindToWebHandler(webHandler).build();
    FluxExchangeResult<String> result = this.client.get().uri("https://example.com/foo").exchange().expectStatus().is3xxRedirection().returnResult(String.class);
    // @formatter:on
}
Also used : FilteringWebHandler(org.springframework.web.server.handler.FilteringWebHandler) ClientAuthorizationRequiredException(org.springframework.security.oauth2.client.ClientAuthorizationRequiredException) Test(org.junit.jupiter.api.Test)

Example 2 with ClientAuthorizationRequiredException

use of org.springframework.security.oauth2.client.ClientAuthorizationRequiredException in project spring-security by spring-projects.

the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenNotAuthorizationRequestAndClientAuthorizationRequiredExceptionThrownButAuthorizationRequestNotResolvedThenStatusInternalServerError.

@Test
public void doFilterWhenNotAuthorizationRequestAndClientAuthorizationRequiredExceptionThrownButAuthorizationRequestNotResolvedThenStatusInternalServerError() throws Exception {
    String requestUri = "/path";
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain filterChain = mock(FilterChain.class);
    willThrow(new ClientAuthorizationRequiredException(this.registration1.getRegistrationId())).given(filterChain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
    OAuth2AuthorizationRequestResolver resolver = mock(OAuth2AuthorizationRequestResolver.class);
    OAuth2AuthorizationRequestRedirectFilter filter = new OAuth2AuthorizationRequestRedirectFilter(resolver);
    filter.doFilter(request, response, filterChain);
    verify(filterChain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
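    // No further calls on the chain beyond the one verified above
    // (verifyZeroInteractions is a deprecated alias of verifyNoMoreInteractions).
    verifyNoMoreInteractions(filterChain);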
    assertThat(response.getStatus()).isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR.value());
    assertThat(response.getErrorMessage()).isEqualTo(HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase());
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletRequest(jakarta.servlet.ServletRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) ServletResponse(jakarta.servlet.ServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) FilterChain(jakarta.servlet.FilterChain) ClientAuthorizationRequiredException(org.springframework.security.oauth2.client.ClientAuthorizationRequiredException) Test(org.junit.jupiter.api.Test)

Example 3 with ClientAuthorizationRequiredException

use of org.springframework.security.oauth2.client.ClientAuthorizationRequiredException in project spring-security by spring-projects.

the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenNotAuthorizationRequestAndClientAuthorizationRequiredExceptionThrownThenRedirectForAuthorization.

@Test
public void doFilterWhenNotAuthorizationRequestAndClientAuthorizationRequiredExceptionThrownThenRedirectForAuthorization() throws Exception {
    String requestUri = "/path";
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain filterChain = mock(FilterChain.class);
    willThrow(new ClientAuthorizationRequiredException(this.registration1.getRegistrationId())).given(filterChain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
    this.filter.doFilter(request, response, filterChain);
    verify(filterChain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
    assertThat(response.getRedirectedUrl()).matches("https://example.com/login/oauth/authorize\\?" + "response_type=code&client_id=client-id&" + "scope=read:user&state=.{15,}&" + "redirect_uri=http://localhost/authorize/oauth2/code/registration-id");
    verify(this.requestCache).saveRequest(any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletRequest(jakarta.servlet.ServletRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) ServletResponse(jakarta.servlet.ServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) FilterChain(jakarta.servlet.FilterChain) ClientAuthorizationRequiredException(org.springframework.security.oauth2.client.ClientAuthorizationRequiredException) Test(org.junit.jupiter.api.Test)

Example 4 with ClientAuthorizationRequiredException

use of org.springframework.security.oauth2.client.ClientAuthorizationRequiredException in project midpoint by Evolveum.

the class OidcAuthorizationRequestRedirectFilter method doFilterInternal.

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication instanceof MidpointAuthentication) {
        MidpointAuthentication mpAuthentication = (MidpointAuthentication) authentication;
        OidcClientModuleAuthenticationImpl moduleAuthentication = (OidcClientModuleAuthenticationImpl) mpAuthentication.getProcessingModuleAuthentication();
        try {
            OAuth2AuthorizationRequest authorizationRequest = this.authorizationRequestResolver.resolve(request);
            if (authorizationRequest != null) {
                this.sendRedirectForAuthorization(request, response, authorizationRequest);
                moduleAuthentication.setRequestState(RequestState.SENDED);
                return;
            }
        } catch (Exception ex) {
            unsuccessfulAuthentication(request, response, new InternalAuthenticationServiceException("web.security.provider.invalid", ex));
            return;
        }
        try {
            filterChain.doFilter(request, response);
        } catch (IOException ex) {
            throw ex;
        } catch (Exception ex) {
            // Check to see if we need to handle ClientAuthorizationRequiredException
            Throwable[] causeChain = this.throwableAnalyzer.determineCauseChain(ex);
            ClientAuthorizationRequiredException authzEx = (ClientAuthorizationRequiredException) this.throwableAnalyzer.getFirstThrowableOfType(ClientAuthorizationRequiredException.class, causeChain);
            if (authzEx != null) {
                try {
                    OAuth2AuthorizationRequest authorizationRequest = this.authorizationRequestResolver.resolve(request, authzEx.getClientRegistrationId());
                    if (authorizationRequest == null) {
                        throw authzEx;
                    }
                    this.sendRedirectForAuthorization(request, response, authorizationRequest);
                    moduleAuthentication.setRequestState(RequestState.SENDED);
                    this.requestCache.saveRequest(request, response);
                } catch (Exception failed) {
                    unsuccessfulAuthentication(request, response, new InternalAuthenticationServiceException("web.security.provider.invalid", failed));
                }
                return;
            }
            if (ex instanceof ServletException) {
                throw (ServletException) ex;
            }
            if (ex instanceof RuntimeException) {
                throw (RuntimeException) ex;
            }
            throw new RuntimeException(ex);
        }
    } else {
        throw new AuthenticationServiceException("Unsupported type of Authentication");
    }
}
Also used : ServletException(javax.servlet.ServletException) MidpointAuthentication(com.evolveum.midpoint.authentication.api.config.MidpointAuthentication) Authentication(org.springframework.security.core.Authentication) OidcClientModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.OidcClientModuleAuthenticationImpl) ClientAuthorizationRequiredException(org.springframework.security.oauth2.client.ClientAuthorizationRequiredException) InternalAuthenticationServiceException(org.springframework.security.authentication.InternalAuthenticationServiceException) IOException(java.io.IOException) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) AuthenticationException(org.springframework.security.core.AuthenticationException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)

Example 5 with ClientAuthorizationRequiredException

use of org.springframework.security.oauth2.client.ClientAuthorizationRequiredException in project spring-security by spring-projects.

the class OAuth2AuthorizationRequestRedirectWebFilterTests method filterWhenExceptionThenSaveRequestSessionAttribute.

@Test
public void filterWhenExceptionThenSaveRequestSessionAttribute() {
    given(this.clientRepository.findByRegistrationId(this.registration.getRegistrationId())).willReturn(Mono.just(this.registration));
    given(this.authzRequestRepository.saveAuthorizationRequest(any(), any())).willReturn(Mono.empty());
    this.filter.setRequestCache(this.requestCache);
    given(this.requestCache.saveRequest(any())).willReturn(Mono.empty());
    FilteringWebHandler webHandler = new FilteringWebHandler((e) -> Mono.error(new ClientAuthorizationRequiredException(this.registration.getRegistrationId())), Arrays.asList(this.filter));
    // @formatter:off
    this.client = WebTestClient.bindToWebHandler(webHandler).build();
    this.client.get().uri("https://example.com/foo").exchange().expectStatus().is3xxRedirection().returnResult(String.class);
    // @formatter:on
    verify(this.requestCache).saveRequest(any());
}
Also used : FilteringWebHandler(org.springframework.web.server.handler.FilteringWebHandler) ClientAuthorizationRequiredException(org.springframework.security.oauth2.client.ClientAuthorizationRequiredException) Test(org.junit.jupiter.api.Test)

Aggregations

ClientAuthorizationRequiredException (org.springframework.security.oauth2.client.ClientAuthorizationRequiredException) 5
Test (org.junit.jupiter.api.Test) 4
FilterChain (jakarta.servlet.FilterChain) 2
ServletRequest (jakarta.servlet.ServletRequest) 2
ServletResponse (jakarta.servlet.ServletResponse) 2
HttpServletRequest (jakarta.servlet.http.HttpServletRequest) 2
HttpServletResponse (jakarta.servlet.http.HttpServletResponse) 2
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 2
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse) 2
FilteringWebHandler (org.springframework.web.server.handler.FilteringWebHandler) 2
MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication) 1
OidcClientModuleAuthenticationImpl (com.evolveum.midpoint.authentication.impl.module.authentication.OidcClientModuleAuthenticationImpl) 1
IOException (java.io.IOException) 1
ServletException (javax.servlet.ServletException) 1
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException) 1
InternalAuthenticationServiceException (org.springframework.security.authentication.InternalAuthenticationServiceException) 1
Authentication (org.springframework.security.core.Authentication) 1
AuthenticationException (org.springframework.security.core.AuthenticationException) 1
OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) 1