Examples with OAuth2LoginAuthenticationToken org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken used on opensource projects

Example 6 with OAuth2LoginAuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken in project spring-security by spring-projects.

the class OAuth2LoginTests method oauth2LoginWhenCustomObjectsInLambdaThenUsed.

@Test
public void oauth2LoginWhenCustomObjectsInLambdaThenUsed() {
    this.spring.register(OAuth2LoginWithSingleClientRegistrations.class, OAuth2LoginMockAuthenticationManagerInLambdaConfig.class).autowire();
    String redirectLocation = "/custom-redirect-location";
    WebTestClient webTestClient = WebTestClientBuilder.bindToWebFilters(this.springSecurity).build();
    OAuth2LoginMockAuthenticationManagerInLambdaConfig config = this.spring.getContext().getBean(OAuth2LoginMockAuthenticationManagerInLambdaConfig.class);
    ServerAuthenticationConverter converter = config.authenticationConverter;
    ReactiveAuthenticationManager manager = config.manager;
    ServerWebExchangeMatcher matcher = config.matcher;
    ServerOAuth2AuthorizationRequestResolver resolver = config.resolver;
    ServerAuthenticationSuccessHandler successHandler = config.successHandler;
    OAuth2AuthorizationExchange exchange = TestOAuth2AuthorizationExchanges.success();
    OAuth2User user = TestOAuth2Users.create();
    OAuth2AccessToken accessToken = TestOAuth2AccessTokens.noScopes();
    OAuth2LoginAuthenticationToken result = new OAuth2LoginAuthenticationToken(github, exchange, user, user.getAuthorities(), accessToken);
    given(converter.convert(any())).willReturn(Mono.just(new TestingAuthenticationToken("a", "b", "c")));
    given(manager.authenticate(any())).willReturn(Mono.just(result));
    given(matcher.matches(any())).willReturn(ServerWebExchangeMatcher.MatchResult.match());
    given(resolver.resolve(any())).willReturn(Mono.empty());
    given(successHandler.onAuthenticationSuccess(any(), any())).willAnswer((Answer<Mono<Void>>) (invocation) -> {
        WebFilterExchange webFilterExchange = invocation.getArgument(0);
        Authentication authentication = invocation.getArgument(1);
        return new RedirectServerAuthenticationSuccessHandler(redirectLocation).onAuthenticationSuccess(webFilterExchange, authentication);
    });
    // @formatter:off
    webTestClient.get().uri("/login/oauth2/code/github").exchange().expectStatus().is3xxRedirection().expectHeader().valueEquals("Location", redirectLocation);
    // @formatter:on
    verify(converter).convert(any());
    verify(manager).authenticate(any());
    verify(matcher).matches(any());
    verify(resolver).resolve(any());
    verify(successHandler).onAuthenticationSuccess(any(), any());
}

Example 7 with OAuth2LoginAuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken in project spring-security by spring-projects.

the class OAuth2LoginTests method oauth2LoginWhenCustomObjectsThenUsed.

@Test
public void oauth2LoginWhenCustomObjectsThenUsed() {
    this.spring.register(OAuth2LoginWithSingleClientRegistrations.class, OAuth2LoginMockAuthenticationManagerConfig.class).autowire();
    String redirectLocation = "/custom-redirect-location";
    WebTestClient webTestClient = WebTestClientBuilder.bindToWebFilters(this.springSecurity).build();
    OAuth2LoginMockAuthenticationManagerConfig config = this.spring.getContext().getBean(OAuth2LoginMockAuthenticationManagerConfig.class);
    ServerAuthenticationConverter converter = config.authenticationConverter;
    ReactiveAuthenticationManager manager = config.manager;
    ServerWebExchangeMatcher matcher = config.matcher;
    ServerOAuth2AuthorizationRequestResolver resolver = config.resolver;
    ServerAuthenticationSuccessHandler successHandler = config.successHandler;
    OAuth2AuthorizationExchange exchange = TestOAuth2AuthorizationExchanges.success();
    OAuth2User user = TestOAuth2Users.create();
    OAuth2AccessToken accessToken = TestOAuth2AccessTokens.noScopes();
    OAuth2LoginAuthenticationToken result = new OAuth2LoginAuthenticationToken(github, exchange, user, user.getAuthorities(), accessToken);
    given(converter.convert(any())).willReturn(Mono.just(new TestingAuthenticationToken("a", "b", "c")));
    given(manager.authenticate(any())).willReturn(Mono.just(result));
    given(matcher.matches(any())).willReturn(ServerWebExchangeMatcher.MatchResult.match());
    given(resolver.resolve(any())).willReturn(Mono.empty());
    given(successHandler.onAuthenticationSuccess(any(), any())).willAnswer((Answer<Mono<Void>>) (invocation) -> {
        WebFilterExchange webFilterExchange = invocation.getArgument(0);
        Authentication authentication = invocation.getArgument(1);
        return new RedirectServerAuthenticationSuccessHandler(redirectLocation).onAuthenticationSuccess(webFilterExchange, authentication);
    });
    // @formatter:off
    webTestClient.get().uri("/login/oauth2/code/github").exchange().expectStatus().is3xxRedirection().expectHeader().valueEquals("Location", redirectLocation);
    // @formatter:on
    verify(converter).convert(any());
    verify(manager).authenticate(any());
    verify(matcher).matches(any());
    verify(resolver).resolve(any());
    verify(successHandler).onAuthenticationSuccess(any(), any());
}

Example 8 with OAuth2LoginAuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken in project spring-security by spring-projects.

the class OidcAuthorizationCodeAuthenticationProviderTests method authenticateWhenJwkSetUriNotSetThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenJwkSetUriNotSetThenThrowOAuth2AuthenticationException() {
    // @formatter:off
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().jwkSetUri(null).build();
    // @formatter:on
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(clientRegistration, this.authorizationExchange))).withMessageContaining("missing_signature_verifier");
}

Example 9 with OAuth2LoginAuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken in project spring-security by spring-projects.

the class OidcAuthorizationCodeAuthenticationProviderTests method authenticateWhenLoginSuccessThenReturnAuthentication.

@Test
public void authenticateWhenLoginSuccessThenReturnAuthentication() {
    Map<String, Object> claims = new HashMap<>();
    claims.put(IdTokenClaimNames.ISS, "https://provider.com");
    claims.put(IdTokenClaimNames.SUB, "subject1");
    claims.put(IdTokenClaimNames.AUD, Arrays.asList("client1", "client2"));
    claims.put(IdTokenClaimNames.AZP, "client1");
    claims.put(IdTokenClaimNames.NONCE, this.nonceHash);
    this.setUpIdToken(claims);
    OidcUser principal = mock(OidcUser.class);
    List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
    given(principal.getAuthorities()).willAnswer((Answer<List<GrantedAuthority>>) (invocation) -> authorities);
    given(this.userService.loadUser(any())).willReturn(principal);
    OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange));
    assertThat(authentication.isAuthenticated()).isTrue();
    assertThat(authentication.getPrincipal()).isEqualTo(principal);
    assertThat(authentication.getCredentials()).isEqualTo("");
    assertThat(authentication.getAuthorities()).isEqualTo(authorities);
    assertThat(authentication.getClientRegistration()).isEqualTo(this.clientRegistration);
    assertThat(authentication.getAuthorizationExchange()).isEqualTo(this.authorizationExchange);
    assertThat(authentication.getAccessToken()).isEqualTo(this.accessTokenResponse.getAccessToken());
    assertThat(authentication.getRefreshToken()).isEqualTo(this.accessTokenResponse.getRefreshToken());
}

Example 10 with OAuth2LoginAuthenticationToken

use of org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken in project spring-security by spring-projects.

the class OidcAuthorizationCodeAuthenticationProviderTests method authenticateWhenIdTokenInvalidNonceThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenIdTokenInvalidNonceThenThrowOAuth2AuthenticationException() {
    Map<String, Object> claims = new HashMap<>();
    claims.put(IdTokenClaimNames.ISS, "https://provider.com");
    claims.put(IdTokenClaimNames.SUB, "subject1");
    claims.put(IdTokenClaimNames.AUD, Arrays.asList("client1", "client2"));
    claims.put(IdTokenClaimNames.AZP, "client1");
    claims.put(IdTokenClaimNames.NONCE, "invalid-nonce-hash");
    this.setUpIdToken(claims);
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange))).withMessageContaining("[invalid_nonce]");
}