Examples with OAuth2AuthenticationToken org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken used on opensource projects

Search in sources :

Example 31 with OAuth2AuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

the class SecurityMockServerConfigurersOAuth2LoginTests method oauth2LoginWhenNameSpecifiedThenUserHasName.

@Test
public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception {
    OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"), Collections.singletonMap("custom-attribute", "test-subject"), "custom-attribute");
    this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oauth2User)).get().uri("/token").exchange().expectStatus().isOk();
    OAuth2AuthenticationToken token = this.controller.token;
    assertThat(token.getPrincipal().getName()).isEqualTo("test-subject");
    this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oauth2User)).get().uri("/client").exchange().expectStatus().isOk();
    OAuth2AuthorizedClient client = this.controller.authorizedClient;
    assertThat(client.getPrincipalName()).isEqualTo("test-subject");
}
Also used : DefaultOAuth2User(org.springframework.security.oauth2.core.user.DefaultOAuth2User) OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) DefaultOAuth2User(org.springframework.security.oauth2.core.user.DefaultOAuth2User) RegisteredOAuth2AuthorizedClient(org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) Test(org.junit.jupiter.api.Test)

Example 32 with OAuth2AuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

the class SecurityMockServerConfigurersOAuth2LoginTests method oauth2LoginWhenAttributeSpecifiedThenUserHasAttribute.

@Test
public void oauth2LoginWhenAttributeSpecifiedThenUserHasAttribute() {
    this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().attributes((a) -> a.put("iss", "https://idp.example.org"))).get().uri("/token").exchange().expectStatus().isOk();
    OAuth2AuthenticationToken token = this.controller.token;
    assertThat(token.getPrincipal().getAttributes()).containsEntry("iss", "https://idp.example.org");
}
Also used : OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 33 with OAuth2AuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

the class SecurityMockServerConfigurersOAuth2LoginTests method oauth2LoginWhenUsingDefaultsThenProducesDefaultAuthentication.

@Test
public void oauth2LoginWhenUsingDefaultsThenProducesDefaultAuthentication() {
    this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login()).get().uri("/token").exchange().expectStatus().isOk();
    OAuth2AuthenticationToken token = this.controller.token;
    assertThat(token).isNotNull();
    assertThat(token.getAuthorizedClientRegistrationId()).isEqualTo("test");
    assertThat(token.getPrincipal()).isInstanceOf(OAuth2User.class);
    assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "user");
    assertThat((Collection<GrantedAuthority>) token.getPrincipal().getAuthorities()).contains(new SimpleGrantedAuthority("SCOPE_read"));
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) Collection(java.util.Collection) Test(org.junit.jupiter.api.Test)

Example 34 with OAuth2AuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

the class SecurityMockServerConfigurersOidcLoginTests method oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence.

// gh-7794
@Test
public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception {
    OidcUser oidcUser = new DefaultOidcUser(AuthorityUtils.createAuthorityList("SCOPE_read"), TestOidcIdTokens.idToken().build());
    this.client.mutateWith(SecurityMockServerConfigurers.mockOidcLogin().idToken((i) -> i.subject("foo")).oidcUser(oidcUser)).get().uri("/token").exchange().expectStatus().isOk();
    OAuth2AuthenticationToken token = this.controller.token;
    assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "subject");
    this.client.mutateWith(SecurityMockServerConfigurers.mockOidcLogin().oidcUser(oidcUser).idToken((i) -> i.subject("bar"))).get().uri("/token").exchange().expectStatus().isOk();
    token = this.controller.token;
    assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "bar");
}
Also used : BeforeEach(org.junit.jupiter.api.BeforeEach) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser) Mock(org.mockito.Mock) RegisteredOAuth2AuthorizedClient(org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) GetMapping(org.springframework.web.bind.annotation.GetMapping) SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) OidcIdToken(org.springframework.security.oauth2.core.oidc.OidcIdToken) MockitoExtension(org.mockito.junit.jupiter.MockitoExtension) ReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository) TestOidcIdTokens(org.springframework.security.oauth2.core.oidc.TestOidcIdTokens) HttpHeaders(org.springframework.http.HttpHeaders) Collection(java.util.Collection) MediaType(org.springframework.http.MediaType) OAuth2AuthorizedClientArgumentResolver(org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) RestController(org.springframework.web.bind.annotation.RestController) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) DefaultOidcUser(org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) DefaultOidcUser(org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser) DefaultOidcUser(org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser) Test(org.junit.jupiter.api.Test)

Example 35 with OAuth2AuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

the class SecurityMockServerConfigurersOidcLoginTests method oidcLoginWhenUsingDefaultsThenProducesDefaultAuthentication.

@Test
public void oidcLoginWhenUsingDefaultsThenProducesDefaultAuthentication() {
    this.client.mutateWith(SecurityMockServerConfigurers.mockOidcLogin()).get().uri("/token").exchange().expectStatus().isOk();
    OAuth2AuthenticationToken token = this.controller.token;
    assertThat(token).isNotNull();
    assertThat(token.getAuthorizedClientRegistrationId()).isEqualTo("test");
    assertThat(token.getPrincipal()).isInstanceOf(OidcUser.class);
    assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "user");
    assertThat((Collection<GrantedAuthority>) token.getPrincipal().getAuthorities()).contains(new SimpleGrantedAuthority("SCOPE_read"));
    assertThat(((OidcUser) token.getPrincipal()).getIdToken().getTokenValue()).isEqualTo("id-token");
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) Collection(java.util.Collection) Test(org.junit.jupiter.api.Test)

Aggregations

OAuth2AuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken)41 Test (org.junit.jupiter.api.Test)34 OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient)11 Collection (java.util.Collection)6 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)6 DefaultOidcUser (org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser)6 DefaultOAuth2User (org.springframework.security.oauth2.core.user.DefaultOAuth2User)6 RegisteredOAuth2AuthorizedClient (org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient)5 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)5 OAuth2User (org.springframework.security.oauth2.core.user.OAuth2User)5 WebFilterExchange (org.springframework.security.web.server.WebFilterExchange)5 HttpHeaders (org.springframework.http.HttpHeaders)4 URI (java.net.URI)3 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)3 BeforeEach (org.junit.jupiter.api.BeforeEach)3 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)3 Mock (org.mockito.Mock)3 MockitoExtension (org.mockito.junit.jupiter.MockitoExtension)3 GrantedAuthority (org.springframework.security.core.GrantedAuthority)3 AuthorityUtils (org.springframework.security.core.authority.AuthorityUtils)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial