use of org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider in project spring-security by spring-projects.
the class OAuth2AuthorizedClientArgumentResolverTests method setup.
@BeforeEach
public void setup() {
this.authentication = new TestingAuthenticationToken(this.principalName, "password");
SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
securityContext.setAuthentication(this.authentication);
SecurityContextHolder.setContext(securityContext);
// @formatter:off
this.registration1 = ClientRegistration.withRegistrationId("client1").clientId("client-1").clientSecret("secret").clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC).authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE).redirectUri("{baseUrl}/login/oauth2/code/{registrationId}").scope("user").authorizationUri("https://provider.com/oauth2/authorize").tokenUri("https://provider.com/oauth2/token").userInfoUri("https://provider.com/oauth2/user").userNameAttributeName("id").clientName("client-1").build();
this.registration2 = ClientRegistration.withRegistrationId("client2").clientId("client-2").clientSecret("secret").clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC).authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS).scope("read", "write").tokenUri("https://provider.com/oauth2/token").build();
this.registration3 = TestClientRegistrations.password().registrationId("client3").build();
// @formatter:on
this.clientRegistrationRepository = new InMemoryClientRegistrationRepository(this.registration1, this.registration2, this.registration3);
this.authorizedClientRepository = mock(OAuth2AuthorizedClientRepository.class);
OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder().authorizationCode().refreshToken().clientCredentials().build();
DefaultOAuth2AuthorizedClientManager authorizedClientManager = new DefaultOAuth2AuthorizedClientManager(this.clientRegistrationRepository, this.authorizedClientRepository);
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
this.argumentResolver = new OAuth2AuthorizedClientArgumentResolver(authorizedClientManager);
this.authorizedClient1 = new OAuth2AuthorizedClient(this.registration1, this.principalName, mock(OAuth2AccessToken.class));
given(this.authorizedClientRepository.loadAuthorizedClient(eq(this.registration1.getRegistrationId()), any(Authentication.class), any(HttpServletRequest.class))).willReturn(this.authorizedClient1);
this.authorizedClient2 = new OAuth2AuthorizedClient(this.registration2, this.principalName, mock(OAuth2AccessToken.class));
given(this.authorizedClientRepository.loadAuthorizedClient(eq(this.registration2.getRegistrationId()), any(Authentication.class), any(HttpServletRequest.class))).willReturn(this.authorizedClient2);
this.request = new MockHttpServletRequest();
this.response = new MockHttpServletResponse();
}
use of org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider in project spring-security by spring-projects.
the class OAuth2AuthorizedClientProviderBuilderTests method buildWhenAllProvidersThenProvidersAuthorize.
@Test
public void buildWhenAllProvidersThenProvidersAuthorize() {
OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder().authorizationCode().refreshToken((configurer) -> configurer.accessTokenResponseClient(this.refreshTokenTokenResponseClient)).clientCredentials((configurer) -> configurer.accessTokenResponseClient(this.clientCredentialsTokenResponseClient)).password((configurer) -> configurer.accessTokenResponseClient(this.passwordTokenResponseClient)).build();
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
// authorization_code
// @formatter:off
OAuth2AuthorizationContext authorizationCodeContext = OAuth2AuthorizationContext.withClientRegistration(clientRegistration).principal(this.principal).build();
// @formatter:on
assertThatExceptionOfType(ClientAuthorizationRequiredException.class).isThrownBy(() -> authorizedClientProvider.authorize(authorizationCodeContext));
// refresh_token
OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(clientRegistration, this.principal.getName(), expiredAccessToken(), TestOAuth2RefreshTokens.refreshToken());
OAuth2AuthorizationContext refreshTokenContext = OAuth2AuthorizationContext.withAuthorizedClient(authorizedClient).principal(this.principal).build();
OAuth2AuthorizedClient reauthorizedClient = authorizedClientProvider.authorize(refreshTokenContext);
assertThat(reauthorizedClient).isNotNull();
verify(this.accessTokenClient, times(1)).exchange(any(RequestEntity.class), eq(OAuth2AccessTokenResponse.class));
// client_credentials
// @formatter:off
OAuth2AuthorizationContext clientCredentialsContext = OAuth2AuthorizationContext.withClientRegistration(TestClientRegistrations.clientCredentials().build()).principal(this.principal).build();
// @formatter:on
authorizedClient = authorizedClientProvider.authorize(clientCredentialsContext);
assertThat(authorizedClient).isNotNull();
verify(this.accessTokenClient, times(2)).exchange(any(RequestEntity.class), eq(OAuth2AccessTokenResponse.class));
// password
// @formatter:off
OAuth2AuthorizationContext passwordContext = OAuth2AuthorizationContext.withClientRegistration(TestClientRegistrations.password().build()).principal(this.principal).attribute(OAuth2AuthorizationContext.USERNAME_ATTRIBUTE_NAME, "username").attribute(OAuth2AuthorizationContext.PASSWORD_ATTRIBUTE_NAME, "password").build();
// @formatter:on
authorizedClient = authorizedClientProvider.authorize(passwordContext);
assertThat(authorizedClient).isNotNull();
verify(this.accessTokenClient, times(3)).exchange(any(RequestEntity.class), eq(OAuth2AccessTokenResponse.class));
}
use of org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider in project spring-security by spring-projects.
the class ServletOAuth2AuthorizedClientExchangeFilterFunctionTests method setup.
@BeforeEach
public void setup() {
this.authentication = new TestingAuthenticationToken("test", "this");
JwtBearerOAuth2AuthorizedClientProvider jwtBearerAuthorizedClientProvider = new JwtBearerOAuth2AuthorizedClientProvider();
jwtBearerAuthorizedClientProvider.setAccessTokenResponseClient(this.jwtBearerTokenResponseClient);
// @formatter:off
OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder().authorizationCode().refreshToken((configurer) -> configurer.accessTokenResponseClient(this.refreshTokenTokenResponseClient)).clientCredentials((configurer) -> configurer.accessTokenResponseClient(this.clientCredentialsTokenResponseClient)).password((configurer) -> configurer.accessTokenResponseClient(this.passwordTokenResponseClient)).provider(jwtBearerAuthorizedClientProvider).build();
// @formatter:on
this.authorizedClientManager = new DefaultOAuth2AuthorizedClientManager(this.clientRegistrationRepository, this.authorizedClientRepository);
this.authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
this.function = new ServletOAuth2AuthorizedClientExchangeFilterFunction(this.authorizedClientManager);
}
use of org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider in project spring-security by spring-projects.
the class OAuth2AuthorizedClientArgumentResolver method updateDefaultAuthorizedClientManager.
private void updateDefaultAuthorizedClientManager(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> clientCredentialsTokenResponseClient) {
// @formatter:off
OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder().authorizationCode().refreshToken().clientCredentials((configurer) -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient)).password().build();
// @formatter:on
((DefaultOAuth2AuthorizedClientManager) this.authorizedClientManager).setAuthorizedClientProvider(authorizedClientProvider);
}
use of org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider in project spring-security by spring-projects.
the class ServletOAuth2AuthorizedClientExchangeFilterFunction method updateDefaultAuthorizedClientManager.
private void updateDefaultAuthorizedClientManager() {
// @formatter:off
OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder().authorizationCode().refreshToken((configurer) -> configurer.clockSkew(this.accessTokenExpiresSkew)).clientCredentials(this::updateClientCredentialsProvider).password((configurer) -> configurer.clockSkew(this.accessTokenExpiresSkew)).build();
// @formatter:on
((DefaultOAuth2AuthorizedClientManager) this.authorizedClientManager).setAuthorizedClientProvider(authorizedClientProvider);
}
Aggregations