Example 41 with OAuth2AuthorizeRequest

Use of org.springframework.security.oauth2.client.OAuth2AuthorizeRequest in project spring-security by spring-projects.

The class DefaultReactiveOAuth2AuthorizedClientManagerTests, method reauthorizeWhenRequestParameterScopeThenMappedToContext.

@Test
public void reauthorizeWhenRequestParameterScopeThenMappedToContext() {
    // Stub the provider so that authorize() returns a re-authorized client
    OAuth2AuthorizedClient reauthorizedClient = new OAuth2AuthorizedClient(this.clientRegistration, this.principal.getName(), TestOAuth2AccessTokens.noScopes(), TestOAuth2RefreshTokens.refreshToken());
    given(this.authorizedClientProvider.authorize(any(OAuth2AuthorizationContext.class))).willReturn(Mono.just(reauthorizedClient));
    // Override the mock with the default
    this.authorizedClientManager.setContextAttributesMapper(new DefaultReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper());
    // The incoming request carries the scope query parameter "read write"
    this.serverWebExchange = MockServerWebExchange.builder(MockServerHttpRequest.get("/").queryParam(OAuth2ParameterNames.SCOPE, "read write")).build();
    this.context = Context.of(ServerWebExchange.class, this.serverWebExchange);
    // Re-authorize an existing authorized client with that exchange in the subscriber context
    OAuth2AuthorizeRequest reauthorizeRequest = OAuth2AuthorizeRequest.withAuthorizedClient(this.authorizedClient).principal(this.principal).build();
    this.authorizedClientManager.authorize(reauthorizeRequest).subscriberContext(this.context).block();
    // Capture the context handed to the provider and check that the request's
    // scope parameter was mapped to the REQUEST_SCOPE_ATTRIBUTE_NAME attribute
    verify(this.authorizedClientProvider).authorize(this.authorizationContextCaptor.capture());
    OAuth2AuthorizationContext authorizationContext = this.authorizationContextCaptor.getValue();
    String[] requestScopeAttribute = authorizationContext.getAttribute(OAuth2AuthorizationContext.REQUEST_SCOPE_ATTRIBUTE_NAME);
    assertThat(requestScopeAttribute).contains("read", "write");
}

Also used:
ServerWebExchange (org.springframework.web.server.ServerWebExchange)
MockServerWebExchange (org.springframework.mock.web.server.MockServerWebExchange)
OAuth2AuthorizationContext (org.springframework.security.oauth2.client.OAuth2AuthorizationContext)
OAuth2AuthorizeRequest (org.springframework.security.oauth2.client.OAuth2AuthorizeRequest)
OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient)
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)
Test (org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test) 34
OAuth2AuthorizeRequest (org.springframework.security.oauth2.client.OAuth2AuthorizeRequest) 32
OAuth2AuthorizationContext (org.springframework.security.oauth2.client.OAuth2AuthorizationContext) 25
OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error) 23
OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient) 20
Authentication (org.springframework.security.core.Authentication) 18
HttpServletRequest (jakarta.servlet.http.HttpServletRequest) 14
HttpServletResponse (jakarta.servlet.http.HttpServletResponse) 14
Map (java.util.Map) 14
Function (java.util.function.Function) 14
ClientAuthorizationException (org.springframework.security.oauth2.client.ClientAuthorizationException) 14
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration) 14
HashMap (java.util.HashMap) 13
OAuth2ParameterNames (org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) 13
OAuth2ErrorCodes (org.springframework.security.oauth2.core.OAuth2ErrorCodes) 12
StringUtils (org.springframework.util.StringUtils) 12
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat) 11
Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType) 11
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException) 11
BeforeEach (org.junit.jupiter.api.BeforeEach) 11