Search in sources :

Example 6 with ProviderDetails

use of org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails in project spring-boot by spring-projects.

the class OAuth2ClientPropertiesRegistrationAdapterTests method getClientRegistrationsWhenUsingDefinedProviderShouldAdapt.

@Test
void getClientRegistrationsWhenUsingDefinedProviderShouldAdapt() {
    OAuth2ClientProperties properties = new OAuth2ClientProperties();
    Provider provider = createProvider();
    provider.setUserInfoAuthenticationMethod("form");
    OAuth2ClientProperties.Registration registration = createRegistration("provider");
    registration.setClientName("clientName");
    properties.getRegistration().put("registration", registration);
    properties.getProvider().put("provider", provider);
    Map<String, ClientRegistration> registrations = OAuth2ClientPropertiesRegistrationAdapter.getClientRegistrations(properties);
    ClientRegistration adapted = registrations.get("registration");
    ProviderDetails adaptedProvider = adapted.getProviderDetails();
    assertThat(adaptedProvider.getAuthorizationUri()).isEqualTo("https://example.com/auth");
    assertThat(adaptedProvider.getTokenUri()).isEqualTo("https://example.com/token");
    UserInfoEndpoint userInfoEndpoint = adaptedProvider.getUserInfoEndpoint();
    assertThat(userInfoEndpoint.getUri()).isEqualTo("https://example.com/info");
    assertThat(userInfoEndpoint.getAuthenticationMethod()).isEqualTo(org.springframework.security.oauth2.core.AuthenticationMethod.FORM);
    assertThat(userInfoEndpoint.getUserNameAttributeName()).isEqualTo("sub");
    assertThat(adaptedProvider.getJwkSetUri()).isEqualTo("https://example.com/jwk");
    assertThat(adapted.getRegistrationId()).isEqualTo("registration");
    assertThat(adapted.getClientId()).isEqualTo("clientId");
    assertThat(adapted.getClientSecret()).isEqualTo("clientSecret");
    assertThat(adapted.getClientAuthenticationMethod()).isEqualTo(org.springframework.security.oauth2.core.ClientAuthenticationMethod.CLIENT_SECRET_POST);
    assertThat(adapted.getAuthorizationGrantType()).isEqualTo(org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
    assertThat(adapted.getRedirectUri()).isEqualTo("https://example.com/redirect");
    assertThat(adapted.getScopes()).containsExactly("user");
    assertThat(adapted.getClientName()).isEqualTo("clientName");
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Registration(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Registration) UserInfoEndpoint(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint) ProviderDetails(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails) Provider(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Provider) Test(org.junit.jupiter.api.Test)

Example 7 with ProviderDetails

use of org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails in project spring-boot by spring-projects.

the class OAuth2ClientPropertiesRegistrationAdapterTests method getClientRegistrationsWhenProviderNotSpecifiedShouldUseRegistrationId.

@Test
void getClientRegistrationsWhenProviderNotSpecifiedShouldUseRegistrationId() {
    OAuth2ClientProperties properties = new OAuth2ClientProperties();
    OAuth2ClientProperties.Registration registration = new OAuth2ClientProperties.Registration();
    registration.setClientId("clientId");
    registration.setClientSecret("clientSecret");
    properties.getRegistration().put("google", registration);
    Map<String, ClientRegistration> registrations = OAuth2ClientPropertiesRegistrationAdapter.getClientRegistrations(properties);
    ClientRegistration adapted = registrations.get("google");
    ProviderDetails adaptedProvider = adapted.getProviderDetails();
    assertThat(adaptedProvider.getAuthorizationUri()).isEqualTo("https://accounts.google.com/o/oauth2/v2/auth");
    assertThat(adaptedProvider.getTokenUri()).isEqualTo("https://www.googleapis.com/oauth2/v4/token");
    UserInfoEndpoint userInfoEndpoint = adaptedProvider.getUserInfoEndpoint();
    assertThat(userInfoEndpoint.getUri()).isEqualTo("https://www.googleapis.com/oauth2/v3/userinfo");
    assertThat(userInfoEndpoint.getAuthenticationMethod()).isEqualTo(org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
    assertThat(adaptedProvider.getJwkSetUri()).isEqualTo("https://www.googleapis.com/oauth2/v3/certs");
    assertThat(adapted.getRegistrationId()).isEqualTo("google");
    assertThat(adapted.getClientId()).isEqualTo("clientId");
    assertThat(adapted.getClientSecret()).isEqualTo("clientSecret");
    assertThat(adapted.getClientAuthenticationMethod()).isEqualTo(org.springframework.security.oauth2.core.ClientAuthenticationMethod.CLIENT_SECRET_BASIC);
    assertThat(adapted.getAuthorizationGrantType()).isEqualTo(org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
    assertThat(adapted.getRedirectUri()).isEqualTo("{baseUrl}/{action}/oauth2/code/{registrationId}");
    assertThat(adapted.getScopes()).containsExactly("openid", "profile", "email");
    assertThat(adapted.getClientName()).isEqualTo("Google");
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Registration(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Registration) Registration(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Registration) UserInfoEndpoint(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint) ProviderDetails(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails) Test(org.junit.jupiter.api.Test)

Example 8 with ProviderDetails

use of org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails in project spring-boot by spring-projects.

the class OAuth2ClientPropertiesRegistrationAdapterTests method getClientRegistrationsWhenUsingCommonProviderWithOverrideShouldAdapt.

@Test
void getClientRegistrationsWhenUsingCommonProviderWithOverrideShouldAdapt() {
    OAuth2ClientProperties properties = new OAuth2ClientProperties();
    OAuth2ClientProperties.Registration registration = createRegistration("google");
    registration.setClientName("clientName");
    properties.getRegistration().put("registration", registration);
    Map<String, ClientRegistration> registrations = OAuth2ClientPropertiesRegistrationAdapter.getClientRegistrations(properties);
    ClientRegistration adapted = registrations.get("registration");
    ProviderDetails adaptedProvider = adapted.getProviderDetails();
    assertThat(adaptedProvider.getAuthorizationUri()).isEqualTo("https://accounts.google.com/o/oauth2/v2/auth");
    assertThat(adaptedProvider.getTokenUri()).isEqualTo("https://www.googleapis.com/oauth2/v4/token");
    UserInfoEndpoint userInfoEndpoint = adaptedProvider.getUserInfoEndpoint();
    assertThat(userInfoEndpoint.getUri()).isEqualTo("https://www.googleapis.com/oauth2/v3/userinfo");
    assertThat(userInfoEndpoint.getUserNameAttributeName()).isEqualTo(IdTokenClaimNames.SUB);
    assertThat(userInfoEndpoint.getAuthenticationMethod()).isEqualTo(org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
    assertThat(adaptedProvider.getJwkSetUri()).isEqualTo("https://www.googleapis.com/oauth2/v3/certs");
    assertThat(adapted.getRegistrationId()).isEqualTo("registration");
    assertThat(adapted.getClientId()).isEqualTo("clientId");
    assertThat(adapted.getClientSecret()).isEqualTo("clientSecret");
    assertThat(adapted.getClientAuthenticationMethod()).isEqualTo(org.springframework.security.oauth2.core.ClientAuthenticationMethod.CLIENT_SECRET_POST);
    assertThat(adapted.getAuthorizationGrantType()).isEqualTo(org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
    assertThat(adapted.getRedirectUri()).isEqualTo("https://example.com/redirect");
    assertThat(adapted.getScopes()).containsExactly("user");
    assertThat(adapted.getClientName()).isEqualTo("clientName");
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Registration(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Registration) UserInfoEndpoint(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint) ProviderDetails(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails) Test(org.junit.jupiter.api.Test)

Example 9 with ProviderDetails

use of org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails in project spring-boot by spring-projects.

the class OAuth2ClientPropertiesRegistrationAdapterTests method oidcProviderConfigurationWithCustomConfigurationOverridesProviderDefaults.

@Test
void oidcProviderConfigurationWithCustomConfigurationOverridesProviderDefaults() throws Exception {
    this.server = new MockWebServer();
    this.server.start();
    String issuer = this.server.url("").toString();
    setupMockResponse(issuer);
    OAuth2ClientProperties.Registration registration = createRegistration("okta-oidc");
    Provider provider = createProvider();
    provider.setIssuerUri(issuer);
    OAuth2ClientProperties properties = new OAuth2ClientProperties();
    properties.getProvider().put("okta-oidc", provider);
    properties.getRegistration().put("okta", registration);
    Map<String, ClientRegistration> registrations = OAuth2ClientPropertiesRegistrationAdapter.getClientRegistrations(properties);
    ClientRegistration adapted = registrations.get("okta");
    ProviderDetails providerDetails = adapted.getProviderDetails();
    assertThat(adapted.getClientAuthenticationMethod()).isEqualTo(ClientAuthenticationMethod.CLIENT_SECRET_POST);
    assertThat(adapted.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
    assertThat(adapted.getRegistrationId()).isEqualTo("okta");
    assertThat(adapted.getClientName()).isEqualTo(issuer);
    assertThat(adapted.getScopes()).containsOnly("user");
    assertThat(adapted.getRedirectUri()).isEqualTo("https://example.com/redirect");
    assertThat(providerDetails.getAuthorizationUri()).isEqualTo("https://example.com/auth");
    assertThat(providerDetails.getTokenUri()).isEqualTo("https://example.com/token");
    assertThat(providerDetails.getJwkSetUri()).isEqualTo("https://example.com/jwk");
    UserInfoEndpoint userInfoEndpoint = providerDetails.getUserInfoEndpoint();
    assertThat(userInfoEndpoint.getUri()).isEqualTo("https://example.com/info");
    assertThat(userInfoEndpoint.getUserNameAttributeName()).isEqualTo("sub");
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockWebServer(okhttp3.mockwebserver.MockWebServer) Registration(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Registration) UserInfoEndpoint(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint) ProviderDetails(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails) Provider(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Provider) Test(org.junit.jupiter.api.Test)

Example 10 with ProviderDetails

use of org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails in project spring-boot by spring-projects.

the class OAuth2ClientPropertiesRegistrationAdapterTests method testIssuerConfiguration.

private void testIssuerConfiguration(OAuth2ClientProperties.Registration registration, String providerId, int errorResponseCount, int numberOfRequests) throws Exception {
    this.server = new MockWebServer();
    this.server.start();
    String issuer = this.server.url("").toString();
    setupMockResponsesWithErrors(issuer, errorResponseCount);
    OAuth2ClientProperties properties = new OAuth2ClientProperties();
    Provider provider = new Provider();
    provider.setIssuerUri(issuer);
    properties.getProvider().put(providerId, provider);
    properties.getRegistration().put("okta", registration);
    Map<String, ClientRegistration> registrations = OAuth2ClientPropertiesRegistrationAdapter.getClientRegistrations(properties);
    ClientRegistration adapted = registrations.get("okta");
    ProviderDetails providerDetails = adapted.getProviderDetails();
    assertThat(adapted.getClientAuthenticationMethod()).isEqualTo(ClientAuthenticationMethod.CLIENT_SECRET_BASIC);
    assertThat(adapted.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
    assertThat(adapted.getRegistrationId()).isEqualTo("okta");
    assertThat(adapted.getClientName()).isEqualTo(issuer);
    assertThat(adapted.getScopes()).isNull();
    assertThat(providerDetails.getAuthorizationUri()).isEqualTo("https://example.com/o/oauth2/v2/auth");
    assertThat(providerDetails.getTokenUri()).isEqualTo("https://example.com/oauth2/v4/token");
    assertThat(providerDetails.getJwkSetUri()).isEqualTo("https://example.com/oauth2/v3/certs");
    UserInfoEndpoint userInfoEndpoint = providerDetails.getUserInfoEndpoint();
    assertThat(userInfoEndpoint.getUri()).isEqualTo("https://example.com/oauth2/v3/userinfo");
    assertThat(userInfoEndpoint.getAuthenticationMethod()).isEqualTo(org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
    assertThat(this.server.getRequestCount()).isEqualTo(numberOfRequests);
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockWebServer(okhttp3.mockwebserver.MockWebServer) UserInfoEndpoint(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint) ProviderDetails(org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails) Provider(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Provider)

Aggregations

ProviderDetails (org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails)14 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)12 Test (org.junit.jupiter.api.Test)11 UserInfoEndpoint (org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint)6 Registration (org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Registration)5 MockWebServer (okhttp3.mockwebserver.MockWebServer)3 Provider (org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Provider)3 DefaultOidcUser (org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser)1