use of org.springframework.security.oauth2.client.OAuth2AuthorizationContext in project spring-security by spring-projects.
the class DelegatingReactiveOAuth2AuthorizedClientProviderTests method authorizeWhenProviderCanAuthorizeThenReturnAuthorizedClient.
@Test
public void authorizeWhenProviderCanAuthorizeThenReturnAuthorizedClient() {
Authentication principal = new TestingAuthenticationToken("principal", "password");
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(clientRegistration, principal.getName(), TestOAuth2AccessTokens.noScopes());
ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider1 = mock(ReactiveOAuth2AuthorizedClientProvider.class);
given(authorizedClientProvider1.authorize(any())).willReturn(Mono.empty());
ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider2 = mock(ReactiveOAuth2AuthorizedClientProvider.class);
given(authorizedClientProvider2.authorize(any())).willReturn(Mono.empty());
ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider3 = mock(ReactiveOAuth2AuthorizedClientProvider.class);
given(authorizedClientProvider3.authorize(any())).willReturn(Mono.just(authorizedClient));
DelegatingReactiveOAuth2AuthorizedClientProvider delegate = new DelegatingReactiveOAuth2AuthorizedClientProvider(authorizedClientProvider1, authorizedClientProvider2, authorizedClientProvider3);
OAuth2AuthorizationContext context = OAuth2AuthorizationContext.withClientRegistration(clientRegistration).principal(principal).build();
OAuth2AuthorizedClient reauthorizedClient = delegate.authorize(context).block();
assertThat(reauthorizedClient).isSameAs(authorizedClient);
}
use of org.springframework.security.oauth2.client.OAuth2AuthorizationContext in project spring-security by spring-projects.
the class AuthorizationCodeOAuth2AuthorizedClientProviderTests method authorizeWhenNotAuthorizationCodeThenUnableToAuthorize.
@Test
public void authorizeWhenNotAuthorizationCodeThenUnableToAuthorize() {
ClientRegistration clientCredentialsClient = TestClientRegistrations.clientCredentials().build();
// @formatter:off
OAuth2AuthorizationContext authorizationContext = OAuth2AuthorizationContext.withClientRegistration(clientCredentialsClient).principal(this.principal).build();
// @formatter:on
assertThat(this.authorizedClientProvider.authorize(authorizationContext)).isNull();
}
use of org.springframework.security.oauth2.client.OAuth2AuthorizationContext in project spring-security by spring-projects.
the class ClientCredentialsOAuth2AuthorizedClientProviderTests method authorizeWhenClientCredentialsAndTokenExpiredThenReauthorize.
@Test
public void authorizeWhenClientCredentialsAndTokenExpiredThenReauthorize() {
Instant issuedAt = Instant.now().minus(Duration.ofDays(1));
Instant expiresAt = issuedAt.plus(Duration.ofMinutes(60));
OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token-1234", issuedAt, expiresAt);
OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(this.clientRegistration, this.principal.getName(), accessToken);
OAuth2AccessTokenResponse accessTokenResponse = TestOAuth2AccessTokenResponses.accessTokenResponse().build();
given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(accessTokenResponse);
// @formatter:off
OAuth2AuthorizationContext authorizationContext = OAuth2AuthorizationContext.withAuthorizedClient(authorizedClient).principal(this.principal).build();
// @formatter:on
authorizedClient = this.authorizedClientProvider.authorize(authorizationContext);
assertThat(authorizedClient.getClientRegistration()).isSameAs(this.clientRegistration);
assertThat(authorizedClient.getPrincipalName()).isEqualTo(this.principal.getName());
assertThat(authorizedClient.getAccessToken()).isEqualTo(accessTokenResponse.getAccessToken());
}
use of org.springframework.security.oauth2.client.OAuth2AuthorizationContext in project spring-security by spring-projects.
the class ClientCredentialsOAuth2AuthorizedClientProviderTests method authorizeWhenClientCredentialsAndTokenNotExpiredButClockSkewForcesExpiryThenReauthorize.
// gh-7511
@Test
public void authorizeWhenClientCredentialsAndTokenNotExpiredButClockSkewForcesExpiryThenReauthorize() {
Instant now = Instant.now();
Instant issuedAt = now.minus(Duration.ofMinutes(60));
Instant expiresAt = now.minus(Duration.ofMinutes(1));
OAuth2AccessToken expiresInOneMinAccessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token-1234", issuedAt, expiresAt);
OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(this.clientRegistration, this.principal.getName(), expiresInOneMinAccessToken);
// Shorten the lifespan of the access token by 90 seconds, which will ultimately
// force it to expire on the client
this.authorizedClientProvider.setClockSkew(Duration.ofSeconds(90));
OAuth2AccessTokenResponse accessTokenResponse = TestOAuth2AccessTokenResponses.accessTokenResponse().build();
given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(accessTokenResponse);
// @formatter:off
OAuth2AuthorizationContext authorizationContext = OAuth2AuthorizationContext.withAuthorizedClient(authorizedClient).principal(this.principal).build();
// @formatter:on
OAuth2AuthorizedClient reauthorizedClient = this.authorizedClientProvider.authorize(authorizationContext);
assertThat(reauthorizedClient.getClientRegistration()).isSameAs(this.clientRegistration);
assertThat(reauthorizedClient.getPrincipalName()).isEqualTo(this.principal.getName());
assertThat(reauthorizedClient.getAccessToken()).isEqualTo(accessTokenResponse.getAccessToken());
}
use of org.springframework.security.oauth2.client.OAuth2AuthorizationContext in project spring-security by spring-projects.
the class DelegatingOAuth2AuthorizedClientProviderTests method authorizeWhenProviderCantAuthorizeThenReturnNull.
@Test
public void authorizeWhenProviderCantAuthorizeThenReturnNull() {
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
OAuth2AuthorizationContext context = OAuth2AuthorizationContext.withClientRegistration(clientRegistration).principal(new TestingAuthenticationToken("principal", "password")).build();
DelegatingOAuth2AuthorizedClientProvider delegate = new DelegatingOAuth2AuthorizedClientProvider(mock(OAuth2AuthorizedClientProvider.class), mock(OAuth2AuthorizedClientProvider.class));
assertThat(delegate.authorize(context)).isNull();
}
Aggregations