Example use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in the spring-security project by spring-projects.
From class DefaultRefreshTokenTokenResponseClientTests, method getTokenResponseWhenAuthenticationPrivateKeyJwtThenFormParametersAreSent.
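/**
 * Verifies how a refresh-token request authenticates when the client registration uses
 * {@code ClientAuthenticationMethod.PRIVATE_KEY_JWT}.
 *
 * <p>The recorded request must carry no {@code Authorization} header, must send the
 * jwt-bearer {@code client_assertion_type} together with a non-empty
 * {@code client_assertion}, and must not send a {@code client_secret} form parameter.
 *
 * @throws Exception if the mock server cannot hand back the recorded request
 */
@Test
public void getTokenResponseWhenAuthenticationPrivateKeyJwtThenFormParametersAreSent() throws Exception {
    // @formatter:off
    String accessTokenSuccessResponse = "{\n"
            + " \"access_token\": \"access-token-1234\",\n"
            + " \"token_type\": \"bearer\",\n"
            + " \"expires_in\": \"3600\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(accessTokenSuccessResponse));

    // @formatter:off
    ClientRegistration clientRegistration = this.clientRegistration
            .clientAuthenticationMethod(ClientAuthenticationMethod.PRIVATE_KEY_JWT)
            .build();
    // @formatter:on

    // Configure Jwt client authentication converter: every registration resolves to
    // the same test RSA key.
    JWK jwk = TestJwks.DEFAULT_RSA_JWK;
    Function<ClientRegistration, JWK> jwkResolver = (registration) -> jwk;
    configureJwtClientAuthenticationConverter(jwkResolver);

    OAuth2RefreshTokenGrantRequest refreshTokenGrantRequest = new OAuth2RefreshTokenGrantRequest(
            clientRegistration, this.accessToken, this.refreshToken);
    this.tokenResponseClient.getTokenResponse(refreshTokenGrantRequest);

    RecordedRequest recordedRequest = this.server.takeRequest();
    // With JWT client authentication nothing may be sent via HTTP Basic.
    assertThat(recordedRequest.getHeader(HttpHeaders.AUTHORIZATION)).isNull();

    String formParameters = recordedRequest.getBody().readUtf8();
    assertThat(formParameters)
            .contains("client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer");
    // A bare "client_assertion=" would satisfy a plain contains(); require an actual value.
    assertThat(formParameters).containsPattern("client_assertion=[^&]+");
    // The shared secret must not accompany the assertion: the client authenticates
    // with its private key only.
    assertThat(formParameters).doesNotContain("client_secret=");
}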
Example use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in the spring-security project by spring-projects.
From class DefaultRefreshTokenTokenResponseClientTests, method getTokenResponseWhenAuthenticationClientSecretPostThenFormParametersAreSent.
/**
 * Verifies that a refresh-token request for a client registered with
 * {@code ClientAuthenticationMethod.CLIENT_SECRET_POST} sends {@code client_id} and
 * {@code client_secret} as form parameters and sets no {@code Authorization} header.
 *
 * @throws Exception if the mock server cannot hand back the recorded request
 */
@Test
public void getTokenResponseWhenAuthenticationClientSecretPostThenFormParametersAreSent() throws Exception {
    // @formatter:off
    String tokenResponseJson = "{\n"
            + " \"access_token\": \"access-token-1234\",\n"
            + " \"token_type\": \"bearer\",\n"
            + " \"expires_in\": \"3600\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(tokenResponseJson));

    ClientRegistration postRegistration = this.clientRegistration
            .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_POST)
            .build();
    this.tokenResponseClient.getTokenResponse(
            new OAuth2RefreshTokenGrantRequest(postRegistration, this.accessToken, this.refreshToken));

    RecordedRequest captured = this.server.takeRequest();
    // Credentials travel in the body for this method, so HTTP Basic must be absent.
    assertThat(captured.getHeader(HttpHeaders.AUTHORIZATION)).isNull();

    String body = captured.getBody().readUtf8();
    assertThat(body).contains("client_id=client-id");
    assertThat(body).contains("client_secret=client-secret");
}
Example use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in the spring-security project by spring-projects.
From class RefreshTokenReactiveOAuth2AuthorizedClientProviderTests, method authorizeWhenAuthorizedAndRequestScopeProvidedThenScopeRequested.
/**
 * Verifies that scopes supplied through
 * {@code OAuth2AuthorizationContext.REQUEST_SCOPE_ATTRIBUTE_NAME} end up on the
 * {@link OAuth2RefreshTokenGrantRequest} handed to the (mocked) reactive token
 * response client.
 *
 * <p>Only the forwarding of the requested scopes is checked here; the token endpoint
 * is stubbed, so no server-side scope enforcement is exercised.
 */
@Test
public void authorizeWhenAuthorizedAndRequestScopeProvidedThenScopeRequested() {
    OAuth2AccessTokenResponse stubbedResponse = TestOAuth2AccessTokenResponses.accessTokenResponse()
            .refreshToken("new-refresh-token")
            .build();
    given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(Mono.just(stubbedResponse));

    String[] requestScope = { "read", "write" };
    // @formatter:off
    OAuth2AuthorizationContext context = OAuth2AuthorizationContext
            .withAuthorizedClient(this.authorizedClient)
            .principal(this.principal)
            .attribute(OAuth2AuthorizationContext.REQUEST_SCOPE_ATTRIBUTE_NAME, requestScope)
            .build();
    // @formatter:on
    this.authorizedClientProvider.authorize(context).block();

    // Capture the grant request that reached the token client and compare its scopes.
    ArgumentCaptor<OAuth2RefreshTokenGrantRequest> grantRequestCaptor = ArgumentCaptor
            .forClass(OAuth2RefreshTokenGrantRequest.class);
    verify(this.accessTokenResponseClient).getTokenResponse(grantRequestCaptor.capture());
    HashSet<String> expectedScopes = new HashSet<>(Arrays.asList(requestScope));
    assertThat(grantRequestCaptor.getValue().getScopes()).isEqualTo(expectedScopes);
}
Example use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in the spring-security project by spring-projects.
From class RefreshTokenOAuth2AuthorizedClientProviderTests, method authorizeWhenAuthorizedAndRequestScopeProvidedThenScopeRequested.
/**
 * Verifies that scopes supplied through
 * {@code OAuth2AuthorizationContext.REQUEST_SCOPE_ATTRIBUTE_NAME} end up on the
 * {@link OAuth2RefreshTokenGrantRequest} handed to the (mocked) token response client.
 *
 * <p>Only the forwarding of the requested scopes is checked here; the token endpoint
 * is stubbed, so no server-side scope enforcement is exercised.
 */
@Test
public void authorizeWhenAuthorizedAndRequestScopeProvidedThenScopeRequested() {
    // @formatter:off
    OAuth2AccessTokenResponse stubbedResponse = TestOAuth2AccessTokenResponses.accessTokenResponse()
            .refreshToken("new-refresh-token")
            .build();
    // @formatter:on
    given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(stubbedResponse);

    String[] requestScope = { "read", "write" };
    // @formatter:off
    OAuth2AuthorizationContext context = OAuth2AuthorizationContext
            .withAuthorizedClient(this.authorizedClient)
            .principal(this.principal)
            .attribute(OAuth2AuthorizationContext.REQUEST_SCOPE_ATTRIBUTE_NAME, requestScope)
            .build();
    // @formatter:on
    this.authorizedClientProvider.authorize(context);

    // Capture the grant request that reached the token client and compare its scopes.
    ArgumentCaptor<OAuth2RefreshTokenGrantRequest> grantRequestCaptor = ArgumentCaptor
            .forClass(OAuth2RefreshTokenGrantRequest.class);
    verify(this.accessTokenResponseClient).getTokenResponse(grantRequestCaptor.capture());
    HashSet<String> expectedScopes = new HashSet<>(Arrays.asList(requestScope));
    assertThat(grantRequestCaptor.getValue().getScopes()).isEqualTo(expectedScopes);
}
Example use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in the spring-security project by spring-projects.
From class OAuth2RefreshTokenGrantRequestEntityConverter, method createParameters.
/**
 * Builds the form parameters for a refresh-token grant request.
 *
 * <p>{@code grant_type} and {@code refresh_token} are always added. {@code scope} is
 * added as a space-delimited string only when the request carries scopes.
 * {@code client_id} and {@code client_secret} are added only when the registration's
 * client authentication method is {@code CLIENT_SECRET_POST} or {@code POST}; for any
 * other method this converter puts no client credentials in the body.
 *
 * <p>NOTE(review): the returned map holds the refresh token value (and, for the POST
 * methods, the client secret) in clear text, so it should be kept out of logs.
 *
 * @param refreshTokenGrantRequest the refresh-token grant request to convert
 * @return the form parameters for the token request body
 */
@Override
protected MultiValueMap<String, String> createParameters(OAuth2RefreshTokenGrantRequest refreshTokenGrantRequest) {
    MultiValueMap<String, String> form = new LinkedMultiValueMap<>();
    form.add(OAuth2ParameterNames.GRANT_TYPE, refreshTokenGrantRequest.getGrantType().getValue());
    form.add(OAuth2ParameterNames.REFRESH_TOKEN, refreshTokenGrantRequest.getRefreshToken().getTokenValue());

    // Omit the scope parameter entirely when no scopes were requested.
    if (!CollectionUtils.isEmpty(refreshTokenGrantRequest.getScopes())) {
        String scopeValue = StringUtils.collectionToDelimitedString(refreshTokenGrantRequest.getScopes(), " ");
        form.add(OAuth2ParameterNames.SCOPE, scopeValue);
    }

    ClientRegistration registration = refreshTokenGrantRequest.getClientRegistration();
    ClientAuthenticationMethod authenticationMethod = registration.getClientAuthenticationMethod();
    boolean credentialsInBody = ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(authenticationMethod)
            || ClientAuthenticationMethod.POST.equals(authenticationMethod);
    if (credentialsInBody) {
        form.add(OAuth2ParameterNames.CLIENT_ID, registration.getClientId());
        form.add(OAuth2ParameterNames.CLIENT_SECRET, registration.getClientSecret());
    }
    return form;
}