
Example 6 with JwtBearerGrantRequest

Use of org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest in project spring-security by spring-projects.

From the class WebClientReactiveJwtBearerTokenResponseClientTests, method getTokenResponseWhenClientSecretBasicThenSuccess.

@Test
public void getTokenResponseWhenClientSecretBasicThenSuccess() throws Exception {
    ClientRegistration clientRegistration = this.clientRegistration.build();
    JwtBearerGrantRequest request = new JwtBearerGrantRequest(clientRegistration, this.jwtAssertion);
    enqueueJson(DEFAULT_ACCESS_TOKEN_RESPONSE);
    OAuth2AccessTokenResponse response = this.client.getTokenResponse(request).block();
    assertThat(response).isNotNull();
    assertThat(response.getAccessToken().getScopes()).containsExactly("read", "write");
    RecordedRequest actualRequest = this.server.takeRequest();
    // client_secret_basic: the client credentials travel in the HTTP Basic Authorization header,
    // not in the form body (the value is base64("client-id:client-secret"))
    assertThat(actualRequest.getHeader(HttpHeaders.AUTHORIZATION)).isEqualTo("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=");
    // the body carries the URL-encoded jwt-bearer grant type URN, the requested scopes and the JWT assertion
    assertThat(actualRequest.getBody().readUtf8()).isEqualTo("grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&scope=read+write&assertion=token");
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) RecordedRequest(okhttp3.mockwebserver.RecordedRequest) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test)

Example 7 with JwtBearerGrantRequest

Use of org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest in project spring-security by spring-projects.

From the class WebClientReactiveJwtBearerTokenResponseClientTests, method getTokenResponseWhenErrorResponseThenThrowOAuth2AuthorizationException.

@Test
public void getTokenResponseWhenErrorResponseThenThrowOAuth2AuthorizationException() {
    // @formatter:off
    // an RFC 6749 error response from the token endpoint; no access token is issued
    String accessTokenResponse = "{\n"
            + "  \"error\": \"invalid_grant\"\n"
            + "}\n";
    // @formatter:on
    ClientRegistration registration = this.clientRegistration.build();
    enqueueJson(accessTokenResponse);
    JwtBearerGrantRequest request = new JwtBearerGrantRequest(registration, this.jwtAssertion);
    // the error code from the response must surface as an OAuth2AuthorizationException
    // rather than being swallowed or turned into an empty token response
    assertThatExceptionOfType(OAuth2AuthorizationException.class)
            .isThrownBy(() -> this.client.getTokenResponse(request).block())
            .satisfies((ex) -> assertThat(ex.getError().getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT))
            .withMessageContaining("[invalid_grant]");
}
Also used : OAuth2AuthorizationException(org.springframework.security.oauth2.core.OAuth2AuthorizationException) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) WebClient(org.springframework.web.reactive.function.client.WebClient) BDDMockito.given(org.mockito.BDDMockito.given) ClientAuthenticationMethod(org.springframework.security.oauth2.core.ClientAuthenticationMethod) MockWebServer(okhttp3.mockwebserver.MockWebServer) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) Jwt(org.springframework.security.oauth2.jwt.Jwt) TestClientRegistrations(org.springframework.security.oauth2.client.registration.TestClientRegistrations) Converter(org.springframework.core.convert.converter.Converter) TestOAuth2AccessTokenResponses(org.springframework.security.oauth2.core.endpoint.TestOAuth2AccessTokenResponses) RecordedRequest(okhttp3.mockwebserver.RecordedRequest) HttpHeaders(org.springframework.http.HttpHeaders) MediaType(org.springframework.http.MediaType) TestJwts(org.springframework.security.oauth2.jwt.TestJwts) MultiValueMap(org.springframework.util.MultiValueMap) Mono(reactor.core.publisher.Mono) BodyExtractor(org.springframework.web.reactive.function.BodyExtractor) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) AfterEach(org.junit.jupiter.api.AfterEach) ReactiveHttpInputMessage(org.springframework.http.ReactiveHttpInputMessage) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) MockResponse(okhttp3.mockwebserver.MockResponse) Collections(java.util.Collections) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) Mockito.mock(org.mockito.Mockito.mock)

Example 8 with JwtBearerGrantRequest

Use of org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest in project spring-security by spring-projects.

From the class WebClientReactiveJwtBearerTokenResponseClientTests, method convertWhenParametersConverterSetThenCalled.

@Test
public void convertWhenParametersConverterSetThenCalled() throws Exception {
    ClientRegistration clientRegistration = this.clientRegistration.build();
    JwtBearerGrantRequest request = new JwtBearerGrantRequest(clientRegistration, this.jwtAssertion);
    // a custom converter lets the application add extra form parameters to the token request
    Converter<JwtBearerGrantRequest, MultiValueMap<String, String>> parametersConverter = mock(Converter.class);
    MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>();
    parameters.add("custom-parameter-name", "custom-parameter-value");
    given(parametersConverter.convert(request)).willReturn(parameters);
    this.client.setParametersConverter(parametersConverter);
    enqueueJson(DEFAULT_ACCESS_TOKEN_RESPONSE);
    this.client.getTokenResponse(request).block();
    // the converter must be invoked with the grant request and its output must reach the wire
    verify(parametersConverter).convert(request);
    RecordedRequest actualRequest = this.server.takeRequest();
    assertThat(actualRequest.getBody().readUtf8()).contains("custom-parameter-name=custom-parameter-value");
}
Also used : RecordedRequest(okhttp3.mockwebserver.RecordedRequest) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) MultiValueMap(org.springframework.util.MultiValueMap) Test(org.junit.jupiter.api.Test)

Example 9 with JwtBearerGrantRequest

Use of org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest in project spring-security by spring-projects.

From the class DefaultJwtBearerTokenResponseClientTests, method getTokenResponseWhenSuccessResponseThenReturnAccessTokenResponse.

@Test
public void getTokenResponseWhenSuccessResponseThenReturnAccessTokenResponse() throws Exception {
    // @formatter:off
    // a minimal RFC 6749 success response; note that it carries no "scope" member
    String accessTokenSuccessResponse = "{\n"
            + "   \"access_token\": \"access-token-1234\",\n"
            + "   \"token_type\": \"bearer\",\n"
            + "   \"expires_in\": \"3600\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    // bracket the call so the computed expiry (now + expires_in) can be checked without a fixed clock
    Instant expiresAtBefore = Instant.now().plusSeconds(3600);
    ClientRegistration clientRegistration = this.clientRegistration.build();
    JwtBearerGrantRequest jwtBearerGrantRequest = new JwtBearerGrantRequest(clientRegistration, this.jwtAssertion);
    OAuth2AccessTokenResponse accessTokenResponse = this.tokenResponseClient.getTokenResponse(jwtBearerGrantRequest);
    Instant expiresAtAfter = Instant.now().plusSeconds(3600);
    // the token request must be a form-encoded POST that accepts JSON
    RecordedRequest recordedRequest = this.server.takeRequest();
    assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString());
    assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_UTF8_VALUE);
    assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)).isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8");
    String formParameters = recordedRequest.getBody().readUtf8();
    assertThat(formParameters).contains("grant_type=" + URLEncoder.encode(AuthorizationGrantType.JWT_BEARER.getValue(), "UTF-8"));
    assertThat(formParameters).contains("scope=read+write");
    // the parsed token: value, bearer type, expiry derived from expires_in,
    // scopes defaulted from the registration because the response omitted them, and no refresh token
    assertThat(accessTokenResponse.getAccessToken().getTokenValue()).isEqualTo("access-token-1234");
    assertThat(accessTokenResponse.getAccessToken().getTokenType()).isEqualTo(OAuth2AccessToken.TokenType.BEARER);
    assertThat(accessTokenResponse.getAccessToken().getExpiresAt()).isBetween(expiresAtBefore, expiresAtAfter);
    assertThat(accessTokenResponse.getAccessToken().getScopes()).containsExactlyInAnyOrder("read", "write");
    assertThat(accessTokenResponse.getRefreshToken()).isNull();
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) RecordedRequest(okhttp3.mockwebserver.RecordedRequest) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Instant(java.time.Instant) Test(org.junit.jupiter.api.Test)

Example 10 with JwtBearerGrantRequest

Use of org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest in project spring-security by spring-projects.

From the class DefaultJwtBearerTokenResponseClientTests, method getTokenResponseWhenSuccessResponseDoesNotIncludeScopeThenAccessTokenHasDefaultScope.

@Test
public void getTokenResponseWhenSuccessResponseDoesNotIncludeScopeThenAccessTokenHasDefaultScope() {
    // @formatter:off
    // success response without a "scope" member
    String accessTokenSuccessResponse = "{\n"
            + "   \"access_token\": \"access-token-1234\",\n"
            + "   \"token_type\": \"bearer\",\n"
            + "   \"expires_in\": \"3600\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    JwtBearerGrantRequest jwtBearerGrantRequest = new JwtBearerGrantRequest(this.clientRegistration.build(), this.jwtAssertion);
    OAuth2AccessTokenResponse accessTokenResponse = this.tokenResponseClient.getTokenResponse(jwtBearerGrantRequest);
    // when the server omits "scope", RFC 6749 section 5.1 treats the granted scope as identical to the
    // requested one, so the client falls back to the scopes of the ClientRegistration
    assertThat(accessTokenResponse.getAccessToken().getScopes()).containsExactly("read", "write");
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) Test(org.junit.jupiter.api.Test)

Aggregations

ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration) 22
Test (org.junit.jupiter.api.Test) 21
OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) 12
RecordedRequest (okhttp3.mockwebserver.RecordedRequest) 11
Jwt (org.springframework.security.oauth2.jwt.Jwt) 8
HttpHeaders (org.springframework.http.HttpHeaders) 7
MultiValueMap (org.springframework.util.MultiValueMap) 7
LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap) 6
Mono (reactor.core.publisher.Mono) 5
ReactiveHttpInputMessage (org.springframework.http.ReactiveHttpInputMessage) 4
AuthorizationGrantType (org.springframework.security.oauth2.core.AuthorizationGrantType) 4
OAuth2AuthorizationException (org.springframework.security.oauth2.core.OAuth2AuthorizationException) 4
WebClient (org.springframework.web.reactive.function.client.WebClient) 4
Collections (java.util.Collections) 3
MockResponse (okhttp3.mockwebserver.MockResponse) 3
MockWebServer (okhttp3.mockwebserver.MockWebServer) 3
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat) 3
Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType) 3
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException) 3
AfterEach (org.junit.jupiter.api.AfterEach) 3