Examples with OAuth2RefreshTokenGrantRequest org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest used on opensource projects

Example 6 with OAuth2RefreshTokenGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in project spring-security by spring-projects.

the class OAuth2RefreshTokenGrantRequestEntityConverterTests method convertWhenHeadersConverterSetThenCalled.

@Test
public void convertWhenHeadersConverterSetThenCalled() {
    Converter<OAuth2RefreshTokenGrantRequest, HttpHeaders> headersConverter1 = mock(Converter.class);
    this.converter.setHeadersConverter(headersConverter1);
    Converter<OAuth2RefreshTokenGrantRequest, HttpHeaders> headersConverter2 = mock(Converter.class);
    this.converter.addHeadersConverter(headersConverter2);
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
    OAuth2AccessToken accessToken = TestOAuth2AccessTokens.scopes("read", "write");
    OAuth2RefreshToken refreshToken = TestOAuth2RefreshTokens.refreshToken();
    OAuth2RefreshTokenGrantRequest refreshTokenGrantRequest = new OAuth2RefreshTokenGrantRequest(clientRegistration, accessToken, refreshToken);
    this.converter.convert(refreshTokenGrantRequest);
    InOrder inOrder = inOrder(headersConverter1, headersConverter2);
    inOrder.verify(headersConverter1).convert(any(OAuth2RefreshTokenGrantRequest.class));
    inOrder.verify(headersConverter2).convert(any(OAuth2RefreshTokenGrantRequest.class));
}

Example 7 with OAuth2RefreshTokenGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in project spring-security by spring-projects.

the class OAuth2RefreshTokenGrantRequestEntityConverterTests method convertWhenParametersConverterSetThenCalled.

@Test
public void convertWhenParametersConverterSetThenCalled() {
    Converter<OAuth2RefreshTokenGrantRequest, MultiValueMap<String, String>> parametersConverter1 = mock(Converter.class);
    this.converter.setParametersConverter(parametersConverter1);
    Converter<OAuth2RefreshTokenGrantRequest, MultiValueMap<String, String>> parametersConverter2 = mock(Converter.class);
    this.converter.addParametersConverter(parametersConverter2);
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
    OAuth2AccessToken accessToken = TestOAuth2AccessTokens.scopes("read", "write");
    OAuth2RefreshToken refreshToken = TestOAuth2RefreshTokens.refreshToken();
    OAuth2RefreshTokenGrantRequest refreshTokenGrantRequest = new OAuth2RefreshTokenGrantRequest(clientRegistration, accessToken, refreshToken);
    this.converter.convert(refreshTokenGrantRequest);
    InOrder inOrder = inOrder(parametersConverter1, parametersConverter2);
    inOrder.verify(parametersConverter1).convert(any(OAuth2RefreshTokenGrantRequest.class));
    inOrder.verify(parametersConverter2).convert(any(OAuth2RefreshTokenGrantRequest.class));
}

Example 8 with OAuth2RefreshTokenGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in project spring-security by spring-projects.

the class DefaultRefreshTokenTokenResponseClientTests method getTokenResponseWhenAuthenticationClientSecretJwtThenFormParametersAreSent.

@Test
public void getTokenResponseWhenAuthenticationClientSecretJwtThenFormParametersAreSent() throws Exception {
    // @formatter:off
    String accessTokenSuccessResponse = "{\n" + "	\"access_token\": \"access-token-1234\",\n" + "   \"token_type\": \"bearer\",\n" + "   \"expires_in\": \"3600\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    // @formatter:off
    ClientRegistration clientRegistration = this.clientRegistration.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_JWT).clientSecret(TestKeys.DEFAULT_ENCODED_SECRET_KEY).build();
    // @formatter:on
    // Configure Jwt client authentication converter
    SecretKeySpec secretKey = new SecretKeySpec(clientRegistration.getClientSecret().getBytes(StandardCharsets.UTF_8), "HmacSHA256");
    JWK jwk = TestJwks.jwk(secretKey).build();
    Function<ClientRegistration, JWK> jwkResolver = (registration) -> jwk;
    configureJwtClientAuthenticationConverter(jwkResolver);
    OAuth2RefreshTokenGrantRequest refreshTokenGrantRequest = new OAuth2RefreshTokenGrantRequest(clientRegistration, this.accessToken, this.refreshToken);
    this.tokenResponseClient.getTokenResponse(refreshTokenGrantRequest);
    RecordedRequest recordedRequest = this.server.takeRequest();
    assertThat(recordedRequest.getHeader(HttpHeaders.AUTHORIZATION)).isNull();
    String formParameters = recordedRequest.getBody().readUtf8();
    assertThat(formParameters).contains("client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer");
    assertThat(formParameters).contains("client_assertion=");
}

Example 9 with OAuth2RefreshTokenGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in project spring-security by spring-projects.

the class DefaultRefreshTokenTokenResponseClientTests method getTokenResponseWhenSuccessResponseIncludesScopeThenAccessTokenHasResponseScope.

@Test
public void getTokenResponseWhenSuccessResponseIncludesScopeThenAccessTokenHasResponseScope() throws Exception {
    // @formatter:off
    String accessTokenSuccessResponse = "{\n" + "   \"access_token\": \"access-token-1234\",\n" + "   \"token_type\": \"bearer\",\n" + "   \"expires_in\": \"3600\",\n" + "   \"scope\": \"read\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    OAuth2RefreshTokenGrantRequest refreshTokenGrantRequest = new OAuth2RefreshTokenGrantRequest(this.clientRegistration.build(), this.accessToken, this.refreshToken, Collections.singleton("read"));
    OAuth2AccessTokenResponse accessTokenResponse = this.tokenResponseClient.getTokenResponse(refreshTokenGrantRequest);
    RecordedRequest recordedRequest = this.server.takeRequest();
    String formParameters = recordedRequest.getBody().readUtf8();
    assertThat(formParameters).contains("scope=read");
    assertThat(accessTokenResponse.getAccessToken().getScopes()).containsExactly("read");
}

Example 10 with OAuth2RefreshTokenGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in project spring-security by spring-projects.

the class DefaultRefreshTokenTokenResponseClientTests method getTokenResponseWhenSuccessResponseThenReturnAccessTokenResponse.

@Test
public void getTokenResponseWhenSuccessResponseThenReturnAccessTokenResponse() throws Exception {
    // @formatter:off
    String accessTokenSuccessResponse = "{\n" + "   \"access_token\": \"access-token-1234\",\n" + "   \"token_type\": \"bearer\",\n" + "   \"expires_in\": \"3600\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
    Instant expiresAtBefore = Instant.now().plusSeconds(3600);
    OAuth2RefreshTokenGrantRequest refreshTokenGrantRequest = new OAuth2RefreshTokenGrantRequest(this.clientRegistration.build(), this.accessToken, this.refreshToken);
    OAuth2AccessTokenResponse accessTokenResponse = this.tokenResponseClient.getTokenResponse(refreshTokenGrantRequest);
    Instant expiresAtAfter = Instant.now().plusSeconds(3600);
    RecordedRequest recordedRequest = this.server.takeRequest();
    assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString());
    assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_UTF8_VALUE);
    assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)).isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8");
    assertThat(recordedRequest.getHeader(HttpHeaders.AUTHORIZATION)).startsWith("Basic ");
    String formParameters = recordedRequest.getBody().readUtf8();
    assertThat(formParameters).contains("grant_type=refresh_token");
    assertThat(formParameters).contains("refresh_token=refresh-token");
    assertThat(accessTokenResponse.getAccessToken().getTokenValue()).isEqualTo("access-token-1234");
    assertThat(accessTokenResponse.getAccessToken().getTokenType()).isEqualTo(OAuth2AccessToken.TokenType.BEARER);
    assertThat(accessTokenResponse.getAccessToken().getExpiresAt()).isBetween(expiresAtBefore, expiresAtAfter);
    assertThat(accessTokenResponse.getAccessToken().getScopes()).containsExactly(this.accessToken.getScopes().toArray(new String[0]));
    assertThat(accessTokenResponse.getRefreshToken().getTokenValue()).isEqualTo(this.refreshToken.getTokenValue());
}