use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.
the class WebClientReactiveAuthorizationCodeTokenResponseClientTests method getTokenResponseWhenAuthenticationPrivateKeyJwtThenFormParametersAreSent.
@Test
public void getTokenResponseWhenAuthenticationPrivateKeyJwtThenFormParametersAreSent() throws Exception {
// @formatter:off
String accessTokenSuccessResponse = "{\n" + " \"access_token\": \"access-token-1234\",\n" + " \"token_type\": \"bearer\",\n" + " \"expires_in\": \"3600\"\n" + "}\n";
// @formatter:on
this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
// @formatter:off
ClientRegistration clientRegistration = this.clientRegistration.clientAuthenticationMethod(ClientAuthenticationMethod.PRIVATE_KEY_JWT).build();
// @formatter:on
// Configure Jwt client authentication converter
JWK jwk = TestJwks.DEFAULT_RSA_JWK;
Function<ClientRegistration, JWK> jwkResolver = (registration) -> jwk;
configureJwtClientAuthenticationConverter(jwkResolver);
this.tokenResponseClient.getTokenResponse(authorizationCodeGrantRequest(clientRegistration)).block();
RecordedRequest actualRequest = this.server.takeRequest();
assertThat(actualRequest.getHeader(HttpHeaders.AUTHORIZATION)).isNull();
assertThat(actualRequest.getBody().readUtf8()).contains("grant_type=authorization_code", "client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer", "client_assertion=");
}
use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.
the class WebClientReactiveAuthorizationCodeTokenResponseClientTests method convertWhenHeadersConverterSetThenCalled.
// gh-10130
@Test
public void convertWhenHeadersConverterSetThenCalled() throws Exception {
OAuth2AuthorizationCodeGrantRequest request = authorizationCodeGrantRequest();
ClientRegistration clientRegistration = request.getClientRegistration();
Converter<OAuth2AuthorizationCodeGrantRequest, HttpHeaders> headersConverter = mock(Converter.class);
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth(clientRegistration.getClientId(), clientRegistration.getClientSecret());
given(headersConverter.convert(request)).willReturn(headers);
this.tokenResponseClient.setHeadersConverter(headersConverter);
// @formatter:off
String accessTokenSuccessResponse = "{\n" + " \"access_token\": \"access-token-1234\",\n" + " \"token_type\": \"bearer\",\n" + " \"expires_in\": \"3600\",\n" + " \"scope\": \"openid profile\"\n" + "}\n";
// @formatter:on
this.server.enqueue(jsonResponse(accessTokenSuccessResponse));
this.tokenResponseClient.getTokenResponse(request).block();
verify(headersConverter).convert(request);
RecordedRequest actualRequest = this.server.takeRequest();
assertThat(actualRequest.getHeader(HttpHeaders.AUTHORIZATION)).isEqualTo("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=");
}
use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.
the class WebClientReactiveAuthorizationCodeTokenResponseClientTests method authorizationCodeGrantRequest.
private OAuth2AuthorizationCodeGrantRequest authorizationCodeGrantRequest(ClientRegistration registration) {
OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode().clientId(registration.getClientId()).state("state").authorizationUri(registration.getProviderDetails().getAuthorizationUri()).redirectUri(registration.getRedirectUri()).scopes(registration.getScopes()).build();
OAuth2AuthorizationResponse authorizationResponse = OAuth2AuthorizationResponse.success("code").state("state").redirectUri(registration.getRedirectUri()).build();
OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
return new OAuth2AuthorizationCodeGrantRequest(registration, authorizationExchange);
}
use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.
the class WebClientReactiveJwtBearerTokenResponseClientTests method getTokenResponseWhenHeadersConverterSetThenCalled.
@Test
public void getTokenResponseWhenHeadersConverterSetThenCalled() throws Exception {
ClientRegistration clientRegistration = this.clientRegistration.build();
JwtBearerGrantRequest request = new JwtBearerGrantRequest(clientRegistration, this.jwtAssertion);
Converter<JwtBearerGrantRequest, HttpHeaders> headersConverter = mock(Converter.class);
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth(clientRegistration.getClientId(), clientRegistration.getClientSecret());
given(headersConverter.convert(request)).willReturn(headers);
this.client.setHeadersConverter(headersConverter);
enqueueJson(DEFAULT_ACCESS_TOKEN_RESPONSE);
this.client.getTokenResponse(request).block();
verify(headersConverter).convert(request);
RecordedRequest actualRequest = this.server.takeRequest();
assertThat(actualRequest.getHeader(HttpHeaders.AUTHORIZATION)).isEqualTo("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=");
}
use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.
the class WebClientReactiveJwtBearerTokenResponseClientTests method getTokenResponseWhenClientSecretBasicThenSuccess.
@Test
public void getTokenResponseWhenClientSecretBasicThenSuccess() throws Exception {
ClientRegistration clientRegistration = this.clientRegistration.build();
JwtBearerGrantRequest request = new JwtBearerGrantRequest(clientRegistration, this.jwtAssertion);
enqueueJson(DEFAULT_ACCESS_TOKEN_RESPONSE);
OAuth2AccessTokenResponse response = this.client.getTokenResponse(request).block();
assertThat(response).isNotNull();
assertThat(response.getAccessToken().getScopes()).containsExactly("read", "write");
RecordedRequest actualRequest = this.server.takeRequest();
assertThat(actualRequest.getHeader(HttpHeaders.AUTHORIZATION)).isEqualTo("Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=");
assertThat(actualRequest.getBody().readUtf8()).isEqualTo("grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&scope=read+write&assertion=token");
}
Aggregations