Search in sources :

Example 51 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2AuthorizationRequestResolverTests method resolveWhenAuthorizationRequestRedirectUriTemplatedThenHttpsRedirectUriWithExtraVarsExpanded.

@Test
public void resolveWhenAuthorizationRequestRedirectUriTemplatedThenHttpsRedirectUriWithExtraVarsExpanded() {
    ClientRegistration clientRegistration = this.fineRedirectUriTemplateRegistration;
    String requestUri = this.authorizationRequestBaseUri + "/" + clientRegistration.getRegistrationId();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setScheme("https");
    request.setServerPort(8081);
    request.setServletPath(requestUri);
    OAuth2AuthorizationRequest authorizationRequest = this.resolver.resolve(request);
    assertThat(authorizationRequest.getRedirectUri()).isNotEqualTo(clientRegistration.getRedirectUri());
    assertThat(authorizationRequest.getRedirectUri()).isEqualTo("https://localhost:8081/login/oauth2/code/" + clientRegistration.getRegistrationId());
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 52 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2AuthorizationRequestResolverTests method resolveWhenClientAuthorizationRequiredExceptionAvailableThenResolves.

@Test
public void resolveWhenClientAuthorizationRequiredExceptionAvailableThenResolves() {
    ClientRegistration clientRegistration = this.registration2;
    String requestUri = "/path";
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    OAuth2AuthorizationRequest authorizationRequest = this.resolver.resolve(request, clientRegistration.getRegistrationId());
    assertThat(authorizationRequest).isNotNull();
    assertThat(authorizationRequest.getAttributes()).containsExactly(entry(OAuth2ParameterNames.REGISTRATION_ID, clientRegistration.getRegistrationId()));
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 53 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2AuthorizationRequestResolverTests method resolveWhenAuthorizationRequestRedirectUriTemplatedThenRedirectUriExpandedExcludesQueryString.

// gh-5520
@Test
public void resolveWhenAuthorizationRequestRedirectUriTemplatedThenRedirectUriExpandedExcludesQueryString() {
    ClientRegistration clientRegistration = this.registration2;
    String requestUri = this.authorizationRequestBaseUri + "/" + clientRegistration.getRegistrationId();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    request.setQueryString("foo=bar");
    OAuth2AuthorizationRequest authorizationRequest = this.resolver.resolve(request);
    assertThat(authorizationRequest.getRedirectUri()).isNotEqualTo(clientRegistration.getRedirectUri());
    assertThat(authorizationRequest.getRedirectUri()).isEqualTo("http://localhost/login/oauth2/code/" + clientRegistration.getRegistrationId());
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 54 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2AuthorizationRequestResolverTests method resolveWhenAuthorizationRequestHasActionParameterLoginThenRedirectUriIsLogin.

@Test
public void resolveWhenAuthorizationRequestHasActionParameterLoginThenRedirectUriIsLogin() {
    ClientRegistration clientRegistration = this.registration2;
    String requestUri = this.authorizationRequestBaseUri + "/" + clientRegistration.getRegistrationId();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.addParameter("action", "login");
    request.setServletPath(requestUri);
    OAuth2AuthorizationRequest authorizationRequest = this.resolver.resolve(request);
    assertThat(authorizationRequest.getAuthorizationRequestUri()).matches("https://example.com/login/oauth/authorize\\?" + "response_type=code&client_id=client-id-2&" + "scope=read:user&state=.{15,}&" + "redirect_uri=http://localhost/login/oauth2/code/registration-id-2");
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 55 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2AuthorizationRequestResolverTests method resolveWhenAuthorizationRequestRedirectUriTemplatedThenRedirectUriExpanded.

@Test
public void resolveWhenAuthorizationRequestRedirectUriTemplatedThenRedirectUriExpanded() {
    ClientRegistration clientRegistration = this.registration2;
    String requestUri = this.authorizationRequestBaseUri + "/" + clientRegistration.getRegistrationId();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    OAuth2AuthorizationRequest authorizationRequest = this.resolver.resolve(request);
    assertThat(authorizationRequest.getRedirectUri()).isNotEqualTo(clientRegistration.getRedirectUri());
    assertThat(authorizationRequest.getRedirectUri()).isEqualTo("http://localhost/login/oauth2/code/" + clientRegistration.getRegistrationId());
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Aggregations

ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)259 Test (org.junit.jupiter.api.Test)214 OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)56 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)52 RecordedRequest (okhttp3.mockwebserver.RecordedRequest)44 HttpHeaders (org.springframework.http.HttpHeaders)42 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)36 OAuth2AuthorizationException (org.springframework.security.oauth2.core.OAuth2AuthorizationException)32 Instant (java.time.Instant)28 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)27 BeforeEach (org.junit.jupiter.api.BeforeEach)27 TestClientRegistrations (org.springframework.security.oauth2.client.registration.TestClientRegistrations)27 HashMap (java.util.HashMap)26 MockResponse (okhttp3.mockwebserver.MockResponse)26 Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)26 OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient)26 MultiValueMap (org.springframework.util.MultiValueMap)26 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)25 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)25 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)24