Example 36 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class JdbcOAuth2AuthorizedClientServiceTests method createAuthorizedClient.

private static OAuth2AuthorizedClient createAuthorizedClient(Authentication principal, ClientRegistration clientRegistration, boolean requiredAttributesOnly) {
    OAuth2AccessToken accessToken;
    if (!requiredAttributesOnly) {
        accessToken = TestOAuth2AccessTokens.scopes("read", "write");
    } else {
        accessToken = TestOAuth2AccessTokens.noScopes();
    }
    OAuth2RefreshToken refreshToken = null;
    if (!requiredAttributesOnly) {
        refreshToken = TestOAuth2RefreshTokens.refreshToken();
    }
    return new OAuth2AuthorizedClient(clientRegistration, principal.getName(), accessToken, refreshToken);
}
Also used : OAuth2RefreshToken(org.springframework.security.oauth2.core.OAuth2RefreshToken) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken)

Example 37 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class JwtBearerReactiveOAuth2AuthorizedClientProviderTests method authorizeWhenNotJwtBearerThenUnableToAuthorize.

@Test
public void authorizeWhenNotJwtBearerThenUnableToAuthorize() {
    ClientRegistration clientRegistration = TestClientRegistrations.clientCredentials().build();
    // @formatter:off
    OAuth2AuthorizationContext authorizationContext = OAuth2AuthorizationContext.withClientRegistration(clientRegistration).principal(this.principal).build();
    // @formatter:on
    assertThat(this.authorizedClientProvider.authorize(authorizationContext).block()).isNull();
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test)

Example 38 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class OidcClientInitiatedServerLogoutSuccessHandler method onLogoutSuccess.

@Override
public Mono<Void> onLogoutSuccess(WebFilterExchange exchange, Authentication authentication) {
    // @formatter:off
    return Mono.just(authentication)
            .filter(OAuth2AuthenticationToken.class::isInstance)
            .filter((token) -> authentication.getPrincipal() instanceof OidcUser)
            .map(OAuth2AuthenticationToken.class::cast)
            .map(OAuth2AuthenticationToken::getAuthorizedClientRegistrationId)
            .flatMap(this.clientRegistrationRepository::findByRegistrationId)
            .flatMap((clientRegistration) -> {
                URI endSessionEndpoint = endSessionEndpoint(clientRegistration);
                if (endSessionEndpoint == null) {
                    return Mono.empty();
                }
                String idToken = idToken(authentication);
                URI postLogoutRedirectUri = postLogoutRedirectUri(exchange.getExchange().getRequest());
                return Mono.just(endpointUri(endSessionEndpoint, idToken, postLogoutRedirectUri));
            })
            .switchIfEmpty(
                    this.serverLogoutSuccessHandler.onLogoutSuccess(exchange, authentication).then(Mono.empty())
            )
            .flatMap((endpointUri) -> this.redirectStrategy.sendRedirect(exchange.getExchange(), endpointUri));
    // @formatter:on
}
Also used : OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) URI(java.net.URI) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser)

Example 39 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class ClientCredentialsOAuth2AuthorizedClientProviderTests method authorizeWhenNotClientCredentialsThenUnableToAuthorize.

@Test
public void authorizeWhenNotClientCredentialsThenUnableToAuthorize() {
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
    // @formatter:off
    OAuth2AuthorizationContext authorizationContext = OAuth2AuthorizationContext.withClientRegistration(clientRegistration).principal(this.principal).build();
    // @formatter:on
    assertThat(this.authorizedClientProvider.authorize(authorizationContext)).isNull();
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test)

Example 40 with ClientRegistration

use of org.springframework.security.oauth2.client.registration.ClientRegistration in project spring-security by spring-projects.

the class OidcClientInitiatedLogoutSuccessHandler method determineTargetUrl.

@Override
protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
    String targetUrl = null;
    if (authentication instanceof OAuth2AuthenticationToken && authentication.getPrincipal() instanceof OidcUser) {
        String registrationId = ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId();
        ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
        URI endSessionEndpoint = this.endSessionEndpoint(clientRegistration);
        if (endSessionEndpoint != null) {
            String idToken = idToken(authentication);
            String postLogoutRedirectUri = postLogoutRedirectUri(request);
            targetUrl = endpointUri(endSessionEndpoint, idToken, postLogoutRedirectUri);
        }
    }
    return (targetUrl != null) ? targetUrl : super.determineTargetUrl(request, response);
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) URI(java.net.URI) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser)

Aggregations

ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration) 258
Test (org.junit.jupiter.api.Test) 214
OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) 55
OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) 52
RecordedRequest (okhttp3.mockwebserver.RecordedRequest) 44
HttpHeaders (org.springframework.http.HttpHeaders) 42
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken) 36
OAuth2AuthorizationException (org.springframework.security.oauth2.core.OAuth2AuthorizationException) 32
Instant (java.time.Instant) 28
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat) 27
BeforeEach (org.junit.jupiter.api.BeforeEach) 27
TestClientRegistrations (org.springframework.security.oauth2.client.registration.TestClientRegistrations) 27
MockResponse (okhttp3.mockwebserver.MockResponse) 26
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException) 26
OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient) 26
MultiValueMap (org.springframework.util.MultiValueMap) 26
HashMap (java.util.HashMap) 25
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 25
LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap) 25
Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType) 24