Search in sources :

Example 61 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class OidcAuthorizationCodeAuthenticationProviderTests method authenticateWhenJwkSetUriNotSetThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenJwkSetUriNotSetThenThrowOAuth2AuthenticationException() {
    // @formatter:off
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().jwkSetUri(null).build();
    // @formatter:on
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(clientRegistration, this.authorizationExchange))).withMessageContaining("missing_signature_verifier");
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OAuth2LoginAuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 62 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class OidcIdTokenDecoderFactoryTests method createDecoderWhenCustomJwtValidatorFactorySetThenApplied.

@Test
public void createDecoderWhenCustomJwtValidatorFactorySetThenApplied() {
    Function<ClientRegistration, OAuth2TokenValidator<Jwt>> customJwtValidatorFactory = mock(Function.class);
    this.idTokenDecoderFactory.setJwtValidatorFactory(customJwtValidatorFactory);
    ClientRegistration clientRegistration = this.registration.build();
    given(customJwtValidatorFactory.apply(same(clientRegistration))).willReturn(new OidcIdTokenValidator(clientRegistration));
    this.idTokenDecoderFactory.createDecoder(clientRegistration);
    verify(customJwtValidatorFactory).apply(same(clientRegistration));
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OAuth2TokenValidator(org.springframework.security.oauth2.core.OAuth2TokenValidator) Test(org.junit.jupiter.api.Test)

Example 63 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class OidcIdTokenDecoderFactoryTests method createDecoderWhenCustomJwsAlgorithmResolverSetThenApplied.

@Test
public void createDecoderWhenCustomJwsAlgorithmResolverSetThenApplied() {
    Function<ClientRegistration, JwsAlgorithm> customJwsAlgorithmResolver = mock(Function.class);
    this.idTokenDecoderFactory.setJwsAlgorithmResolver(customJwsAlgorithmResolver);
    ClientRegistration clientRegistration = this.registration.build();
    given(customJwsAlgorithmResolver.apply(same(clientRegistration))).willReturn(MacAlgorithm.HS256);
    this.idTokenDecoderFactory.createDecoder(clientRegistration);
    verify(customJwsAlgorithmResolver).apply(same(clientRegistration));
}
Also used : JwsAlgorithm(org.springframework.security.oauth2.jose.jws.JwsAlgorithm) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test)

Example 64 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class ReactiveOidcIdTokenDecoderFactoryTests method createDecoderWhenCustomClaimTypeConverterFactorySetThenApplied.

@Test
public void createDecoderWhenCustomClaimTypeConverterFactorySetThenApplied() {
    Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>> customClaimTypeConverterFactory = mock(Function.class);
    this.idTokenDecoderFactory.setClaimTypeConverterFactory(customClaimTypeConverterFactory);
    ClientRegistration clientRegistration = this.registration.build();
    given(customClaimTypeConverterFactory.apply(same(clientRegistration))).willReturn(new ClaimTypeConverter(OidcIdTokenDecoderFactory.createDefaultClaimTypeConverters()));
    this.idTokenDecoderFactory.createDecoder(clientRegistration);
    verify(customClaimTypeConverterFactory).apply(same(clientRegistration));
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Converter(org.springframework.core.convert.converter.Converter) ClaimTypeConverter(org.springframework.security.oauth2.core.converter.ClaimTypeConverter) ClaimTypeConverter(org.springframework.security.oauth2.core.converter.ClaimTypeConverter) Test(org.junit.jupiter.api.Test)

Example 65 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class WebClientReactiveJwtBearerTokenResponseClientTests method getTokenResponseWhenBodyExtractorSetThenCalled.

@Test
public void getTokenResponseWhenBodyExtractorSetThenCalled() {
    BodyExtractor<Mono<OAuth2AccessTokenResponse>, ReactiveHttpInputMessage> bodyExtractor = mock(BodyExtractor.class);
    OAuth2AccessTokenResponse response = TestOAuth2AccessTokenResponses.accessTokenResponse().build();
    given(bodyExtractor.extract(any(), any())).willReturn(Mono.just(response));
    ClientRegistration clientRegistration = this.clientRegistration.build();
    JwtBearerGrantRequest request = new JwtBearerGrantRequest(clientRegistration, this.jwtAssertion);
    this.client.setBodyExtractor(bodyExtractor);
    enqueueJson(DEFAULT_ACCESS_TOKEN_RESPONSE);
    this.client.getTokenResponse(request).block();
    verify(bodyExtractor).extract(any(), any());
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Mono(reactor.core.publisher.Mono) ReactiveHttpInputMessage(org.springframework.http.ReactiveHttpInputMessage) Test(org.junit.jupiter.api.Test)

Aggregations

ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)259 Test (org.junit.jupiter.api.Test)214 OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)56 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)52 RecordedRequest (okhttp3.mockwebserver.RecordedRequest)44 HttpHeaders (org.springframework.http.HttpHeaders)42 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)36 OAuth2AuthorizationException (org.springframework.security.oauth2.core.OAuth2AuthorizationException)32 Instant (java.time.Instant)28 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)27 BeforeEach (org.junit.jupiter.api.BeforeEach)27 TestClientRegistrations (org.springframework.security.oauth2.client.registration.TestClientRegistrations)27 HashMap (java.util.HashMap)26 MockResponse (okhttp3.mockwebserver.MockResponse)26 Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)26 OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient)26 MultiValueMap (org.springframework.util.MultiValueMap)26 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)25 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)25 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)24