Examples with ClientRegistration org.springframework.security.oauth2.client.registration.ClientRegistration used on opensource projects

Example 81 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenUserInfoErrorResponseThenThrowOAuth2AuthenticationException.

@Test
public void loadUserWhenUserInfoErrorResponseThenThrowOAuth2AuthenticationException() {
    // @formatter:off
    String userInfoErrorResponse = "{\n" + "   \"error\": \"invalid_token\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoErrorResponse).setResponseCode(400));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource").withMessageContaining("Error Code: invalid_token");
}

Example 82 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenUserNameAttributeNameIsNullThenThrowOAuth2AuthenticationException.

@Test
public void loadUserWhenUserNameAttributeNameIsNullThenThrowOAuth2AuthenticationException() {
    // @formatter:off
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri("https://provider.com/user").build();
    // @formatter:on
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("missing_user_name_attribute");
}

Example 83 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseThenReturnUser.

@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
    // @formatter:off
    String userInfoResponse = "{\n" + "   \"user-name\": \"user1\",\n" + "   \"first-name\": \"first\",\n" + "   \"last-name\": \"last\",\n" + "   \"middle-name\": \"middle\",\n" + "   \"address\": \"address\",\n" + "   \"email\": \"user1@example.com\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    OAuth2User user = this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken));
    assertThat(user.getName()).isEqualTo("user1");
    assertThat(user.getAttributes().size()).isEqualTo(6);
    assertThat((String) user.getAttribute("user-name")).isEqualTo("user1");
    assertThat((String) user.getAttribute("first-name")).isEqualTo("first");
    assertThat((String) user.getAttribute("last-name")).isEqualTo("last");
    assertThat((String) user.getAttribute("middle-name")).isEqualTo("middle");
    assertThat((String) user.getAttribute("address")).isEqualTo("address");
    assertThat((String) user.getAttribute("email")).isEqualTo("user1@example.com");
    assertThat(user.getAuthorities().size()).isEqualTo(1);
    assertThat(user.getAuthorities().iterator().next()).isInstanceOf(OAuth2UserAuthority.class);
    OAuth2UserAuthority userAuthority = (OAuth2UserAuthority) user.getAuthorities().iterator().next();
    assertThat(userAuthority.getAuthority()).isEqualTo("ROLE_USER");
    assertThat(userAuthority.getAttributes()).isEqualTo(user.getAttributes());
}

Example 84 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseInvalidContentTypeThenThrowOAuth2AuthenticationException.

// gh-8764
@Test
public void loadUserWhenUserInfoSuccessResponseInvalidContentTypeThenThrowOAuth2AuthenticationException() {
    String userInfoUri = this.server.url("/user").toString();
    MockResponse response = new MockResponse();
    response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN_VALUE);
    response.setBody("invalid content type");
    this.server.enqueue(response);
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource " + "from '" + userInfoUri + "': response contains invalid content type 'text/plain'.");
}

Example 85 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenUserInfoErrorResponseWwwAuthenticateHeaderThenThrowOAuth2AuthenticationException.

@Test
public void loadUserWhenUserInfoErrorResponseWwwAuthenticateHeaderThenThrowOAuth2AuthenticationException() {
    String wwwAuthenticateHeader = "Bearer realm=\"auth-realm\" error=\"insufficient_scope\" error_description=\"The access token expired\"";
    MockResponse response = new MockResponse();
    response.setHeader(HttpHeaders.WWW_AUTHENTICATE, wwwAuthenticateHeader);
    response.setResponseCode(400);
    this.server.enqueue(response);
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource").withMessageContaining("Error Code: insufficient_scope, Error Description: The access token expired");
}