Examples with OAuth2PasswordGrantRequest org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest used on opensource projects

Example 11 with OAuth2PasswordGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest in project spring-security by spring-projects.

the class WebClientReactivePasswordTokenResponseClientTests method convertWhenHeadersConverterSetThenCalled.

// gh-10130
@Test
public void convertWhenHeadersConverterSetThenCalled() throws Exception {
    OAuth2PasswordGrantRequest request = new OAuth2PasswordGrantRequest(this.clientRegistrationBuilder.build(), this.username, this.password);
    ClientRegistration clientRegistration = request.getClientRegistration();
    Converter<OAuth2PasswordGrantRequest, HttpHeaders> headersConverter = mock(Converter.class);
    HttpHeaders headers = new HttpHeaders();
    headers.setBasicAuth(clientRegistration.getClientId(), clientRegistration.getClientSecret());
    given(headersConverter.convert(request)).willReturn(headers);
    this.tokenResponseClient.setHeadersConverter(headersConverter);
    // @formatter:off
    String accessTokenSuccessResponse = "{\n" + "   \"access_token\": \"access-token-1234\",\n" + "   \"token_type\": \"bearer\",\n" + "   \"expires_in\": \"3600\",\n" + "   \"scope\": \"read\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    this.tokenResponseClient.getTokenResponse(request).block();
    verify(headersConverter).convert(request);
    RecordedRequest actualRequest = this.server.takeRequest();
    assertThat(actualRequest.getHeader(HttpHeaders.AUTHORIZATION)).isEqualTo("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=");
}

Example 12 with OAuth2PasswordGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest in project spring-security by spring-projects.

the class WebClientReactivePasswordTokenResponseClientTests method getTokenResponseWhenClientAuthenticationPostThenFormParametersAreSent.

@Test
public void getTokenResponseWhenClientAuthenticationPostThenFormParametersAreSent() throws Exception {
    // @formatter:off
    String accessTokenSuccessResponse = "{\n" + "   \"access_token\": \"access-token-1234\",\n" + "   \"token_type\": \"bearer\",\n" + "   \"expires_in\": \"3600\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_POST).build();
    OAuth2PasswordGrantRequest passwordGrantRequest = new OAuth2PasswordGrantRequest(clientRegistration, this.username, this.password);
    this.tokenResponseClient.getTokenResponse(passwordGrantRequest).block();
    RecordedRequest recordedRequest = this.server.takeRequest();
    assertThat(recordedRequest.getHeader(HttpHeaders.AUTHORIZATION)).isNull();
    String formParameters = recordedRequest.getBody().readUtf8();
    assertThat(formParameters).contains("client_id=client-id");
    assertThat(formParameters).contains("client_secret=client-secret");
}

Example 13 with OAuth2PasswordGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest in project spring-security by spring-projects.

the class OAuth2PasswordGrantRequestTests method constructorWhenClientRegistrationInvalidGrantTypeThenThrowIllegalArgumentException.

@Test
public void constructorWhenClientRegistrationInvalidGrantTypeThenThrowIllegalArgumentException() {
    ClientRegistration registration = TestClientRegistrations.clientCredentials().build();
    assertThatIllegalArgumentException().isThrownBy(() -> new OAuth2PasswordGrantRequest(registration, this.username, this.password)).withMessage("clientRegistration.authorizationGrantType must be AuthorizationGrantType.PASSWORD");
}

Example 14 with OAuth2PasswordGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest in project spring-security by spring-projects.

the class DefaultPasswordTokenResponseClientTests method getTokenResponseWhenSuccessResponseThenReturnAccessTokenResponse.

@Test
public void getTokenResponseWhenSuccessResponseThenReturnAccessTokenResponse() throws Exception {
    // @formatter:off
    String accessTokenSuccessResponse = "{\n" + "   \"access_token\": \"access-token-1234\",\n" + "   \"token_type\": \"bearer\",\n" + "   \"expires_in\": \"3600\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    Instant expiresAtBefore = Instant.now().plusSeconds(3600);
    ClientRegistration clientRegistration = this.clientRegistration.build();
    OAuth2PasswordGrantRequest passwordGrantRequest = new OAuth2PasswordGrantRequest(clientRegistration, this.username, this.password);
    OAuth2AccessTokenResponse accessTokenResponse = this.tokenResponseClient.getTokenResponse(passwordGrantRequest);
    Instant expiresAtAfter = Instant.now().plusSeconds(3600);
    RecordedRequest recordedRequest = this.server.takeRequest();
    assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString());
    assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_UTF8_VALUE);
    assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)).isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8");
    String formParameters = recordedRequest.getBody().readUtf8();
    assertThat(formParameters).contains("grant_type=password");
    assertThat(formParameters).contains("username=user1");
    assertThat(formParameters).contains("password=password");
    assertThat(formParameters).contains("scope=read+write");
    assertThat(accessTokenResponse.getAccessToken().getTokenValue()).isEqualTo("access-token-1234");
    assertThat(accessTokenResponse.getAccessToken().getTokenType()).isEqualTo(OAuth2AccessToken.TokenType.BEARER);
    assertThat(accessTokenResponse.getAccessToken().getExpiresAt()).isBetween(expiresAtBefore, expiresAtAfter);
    assertThat(accessTokenResponse.getAccessToken().getScopes()).containsExactly(clientRegistration.getScopes().toArray(new String[0]));
    assertThat(accessTokenResponse.getRefreshToken()).isNull();
}

Example 15 with OAuth2PasswordGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest in project spring-security by spring-projects.

the class DefaultPasswordTokenResponseClientTests method getTokenResponseWhenSuccessResponseIncludesScopeThenAccessTokenHasResponseScope.

@Test
public void getTokenResponseWhenSuccessResponseIncludesScopeThenAccessTokenHasResponseScope() throws Exception {
    // @formatter:off
    String accessTokenSuccessResponse = "{\n" + "   \"access_token\": \"access-token-1234\",\n" + "   \"token_type\": \"bearer\",\n" + "   \"expires_in\": \"3600\",\n" + "   \"scope\": \"read\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    OAuth2PasswordGrantRequest passwordGrantRequest = new OAuth2PasswordGrantRequest(this.clientRegistration.build(), this.username, this.password);
    OAuth2AccessTokenResponse accessTokenResponse = this.tokenResponseClient.getTokenResponse(passwordGrantRequest);
    RecordedRequest recordedRequest = this.server.takeRequest();
    String formParameters = recordedRequest.getBody().readUtf8();
    assertThat(formParameters).contains("scope=read");
    assertThat(accessTokenResponse.getAccessToken().getScopes()).containsExactly("read");
}