Search in sources :

Example 21 with OAuth2RefreshTokenGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest in project spring-security by spring-projects.

the class OAuth2RefreshTokenGrantRequestEntityConverterTests method convertWhenGrantRequestValidThenConverts.

@SuppressWarnings("unchecked")
@Test
public void convertWhenGrantRequestValidThenConverts() {
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
    OAuth2AccessToken accessToken = TestOAuth2AccessTokens.scopes("read", "write");
    OAuth2RefreshToken refreshToken = TestOAuth2RefreshTokens.refreshToken();
    OAuth2RefreshTokenGrantRequest refreshTokenGrantRequest = new OAuth2RefreshTokenGrantRequest(clientRegistration, accessToken, refreshToken, Collections.singleton("read"));
    RequestEntity<?> requestEntity = this.converter.convert(refreshTokenGrantRequest);
    assertThat(requestEntity.getMethod()).isEqualTo(HttpMethod.POST);
    assertThat(requestEntity.getUrl().toASCIIString()).isEqualTo(clientRegistration.getProviderDetails().getTokenUri());
    HttpHeaders headers = requestEntity.getHeaders();
    assertThat(headers.getAccept()).contains(MediaType.APPLICATION_JSON_UTF8);
    assertThat(headers.getContentType()).isEqualTo(MediaType.valueOf(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"));
    assertThat(headers.getFirst(HttpHeaders.AUTHORIZATION)).startsWith("Basic ");
    MultiValueMap<String, String> formParameters = (MultiValueMap<String, String>) requestEntity.getBody();
    assertThat(formParameters.getFirst(OAuth2ParameterNames.GRANT_TYPE)).isEqualTo(AuthorizationGrantType.REFRESH_TOKEN.getValue());
    assertThat(formParameters.getFirst(OAuth2ParameterNames.REFRESH_TOKEN)).isEqualTo(refreshToken.getTokenValue());
    assertThat(formParameters.getFirst(OAuth2ParameterNames.SCOPE)).isEqualTo("read");
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OAuth2RefreshToken(org.springframework.security.oauth2.core.OAuth2RefreshToken) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) MultiValueMap(org.springframework.util.MultiValueMap) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)17 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)13 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)12 RecordedRequest (okhttp3.mockwebserver.RecordedRequest)11 Instant (java.time.Instant)7 HttpHeaders (org.springframework.http.HttpHeaders)7 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)7 OAuth2RefreshToken (org.springframework.security.oauth2.core.OAuth2RefreshToken)7 Collections (java.util.Collections)5 OAuth2AuthorizationException (org.springframework.security.oauth2.core.OAuth2AuthorizationException)5 JWK (com.nimbusds.jose.jwk.JWK)4 StandardCharsets (java.nio.charset.StandardCharsets)4 Function (java.util.function.Function)4 SecretKeySpec (javax.crypto.spec.SecretKeySpec)4 MockResponse (okhttp3.mockwebserver.MockResponse)4 MockWebServer (okhttp3.mockwebserver.MockWebServer)4 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)4 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)4 Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)4 AfterEach (org.junit.jupiter.api.AfterEach)4