
Example 11 with ClientRegistrationRepository

use of org.springframework.security.oauth2.client.registration.ClientRegistrationRepository in project spring-security by spring-projects.

the class ServerHttpSecurityTests method shouldConfigureAuthorizationRequestRepositoryForOAuth2Login.

/**
 * Checks that an authorization request repository supplied through
 * {@code oauth2Login()} is the one consulted on the login callback path.
 *
 * <p>The request sent here carries no query parameters and the response is not
 * inspected; the only assertion is that {@code removeAuthorizationRequest} was
 * invoked on the custom repository, i.e. that the configured store, rather than
 * a default one, is asked for the pending authorization request.
 */
@Test
public void shouldConfigureAuthorizationRequestRepositoryForOAuth2Login() {
    OAuth2AuthorizationRequest savedRequest = TestOAuth2AuthorizationRequests.request().build();
    ReactiveClientRegistrationRepository registrations = mock(ReactiveClientRegistrationRepository.class);
    ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> requestRepository =
            mock(ServerAuthorizationRequestRepository.class);
    // The stub hands back a pending request for any exchange, so the filter has something to remove.
    given(requestRepository.removeAuthorizationRequest(any())).willReturn(Mono.just(savedRequest));

    SecurityWebFilterChain filterChain = this.http
            .oauth2Login()
            .clientRegistrationRepository(registrations)
            .authorizationRequestRepository(requestRepository)
            .and()
            .build();
    WebTestClient webClient = WebTestClientBuilder.bindToWebFilters(filterChain).build();

    // Hit the callback URI the login filter is expected to match.
    webClient.get().uri("/login/oauth2/code/registration-id").exchange();

    verify(requestRepository).removeAuthorizationRequest(any());
}
Also used : ReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) SecurityWebFilterChain(org.springframework.security.web.server.SecurityWebFilterChain) Test(org.junit.jupiter.api.Test)

Example 12 with ClientRegistrationRepository

use of org.springframework.security.oauth2.client.registration.ClientRegistrationRepository in project spring-security by spring-projects.

the class OAuth2LoginBeanDefinitionParser method parse.

/**
 * Translates the OAuth2 login XML element into bean definitions.
 *
 * <p>The method returns the bean definition for {@code OAuth2LoginAuthenticationFilter}
 * and, as side effects, registers an {@code OAuth2LoginBeanConfig} bean with the parser
 * context and stores further definitions on this parser: the default authorized-client
 * repository (only when none is configured), the OAuth2 and OIDC authentication
 * providers, the authorization-request redirect filter, the authentication entry point
 * and the login-links map.
 *
 * <p>Security-relevant wiring visible here: the same {@code authorizationRequestRepository}
 * element is set on both the redirect filter and the login filter; the two URLs read from
 * the element ({@code loginProcessingUrl}, {@code loginPage}) are passed through
 * {@code WebConfigUtils.validateHttpRedirect} before use; handler and mapper references
 * are used as bean names exactly as written in the element.
 *
 * @param element the XML element being parsed
 * @param parserContext the context used to register beans and report on the source
 * @return the bean definition of the OAuth2 login authentication filter
 */
@Override
public BeanDefinition parse(Element element, ParserContext parserContext) {
    // Register a helper OAuth2LoginBeanConfig bean under a generated name; the name is
    // reused at the end of this method as the factory bean for the login links.
    BeanDefinition oauth2LoginBeanConfig = BeanDefinitionBuilder.rootBeanDefinition(OAuth2LoginBeanConfig.class).getBeanDefinition();
    String oauth2LoginBeanConfigId = parserContext.getReaderContext().generateBeanName(oauth2LoginBeanConfig);
    parserContext.registerBeanComponent(new BeanComponentDefinition(oauth2LoginBeanConfig, oauth2LoginBeanConfigId));
    // Resolve the collaborators of the login filter from the element.
    BeanMetadataElement clientRegistrationRepository = OAuth2ClientBeanDefinitionParserUtils.getClientRegistrationRepository(element);
    BeanMetadataElement authorizedClientRepository = OAuth2ClientBeanDefinitionParserUtils.getAuthorizedClientRepository(element);
    if (authorizedClientRepository == null) {
        // No repository configured: build a default one from the authorized-client service,
        // keep its definition on this parser, and refer to it by type.
        BeanMetadataElement authorizedClientService = OAuth2ClientBeanDefinitionParserUtils.getAuthorizedClientService(element);
        this.defaultAuthorizedClientRepository = OAuth2ClientBeanDefinitionParserUtils.createDefaultAuthorizedClientRepository(clientRegistrationRepository, authorizedClientService);
        authorizedClientRepository = new RuntimeBeanReference(OAuth2AuthorizedClientRepository.class);
    }
    BeanMetadataElement accessTokenResponseClient = getAccessTokenResponseClient(element);
    BeanMetadataElement oauth2UserService = getOAuth2UserService(element);
    BeanMetadataElement authorizationRequestRepository = getAuthorizationRequestRepository(element);
    // Constructor arguments are added in call order: registration repository, authorized-client
    // repository, and (further down) the processing URL.
    BeanDefinitionBuilder oauth2LoginAuthenticationFilterBuilder = BeanDefinitionBuilder.rootBeanDefinition(OAuth2LoginAuthenticationFilter.class).addConstructorArgValue(clientRegistrationRepository).addConstructorArgValue(authorizedClientRepository).addPropertyValue("authorizationRequestRepository", authorizationRequestRepository);
    if (this.sessionStrategy != null) {
        oauth2LoginAuthenticationFilterBuilder.addPropertyValue("sessionAuthenticationStrategy", this.sessionStrategy);
    }
    Object source = parserContext.extractSource(element);
    String loginProcessingUrl = element.getAttribute(ATT_LOGIN_PROCESSING_URL);
    if (!StringUtils.isEmpty(loginProcessingUrl)) {
        // NOTE(review): validateHttpRedirect presumably reports a malformed URL through the
        // parser context rather than rejecting it - confirm in WebConfigUtils; the value is
        // added to the filter either way as far as this method shows.
        WebConfigUtils.validateHttpRedirect(loginProcessingUrl, parserContext, source);
        oauth2LoginAuthenticationFilterBuilder.addConstructorArgValue(loginProcessingUrl);
    } else {
        oauth2LoginAuthenticationFilterBuilder.addConstructorArgValue(OAuth2LoginAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI);
    }
    // Authentication provider for plain OAuth2 login; the authorities mapper is optional.
    BeanDefinitionBuilder oauth2LoginAuthenticationProviderBuilder = BeanDefinitionBuilder.rootBeanDefinition(OAuth2LoginAuthenticationProvider.class).addConstructorArgValue(accessTokenResponseClient).addConstructorArgValue(oauth2UserService);
    String userAuthoritiesMapperRef = element.getAttribute(ATT_USER_AUTHORITIES_MAPPER_REF);
    if (!StringUtils.isEmpty(userAuthoritiesMapperRef)) {
        oauth2LoginAuthenticationProviderBuilder.addPropertyReference("authoritiesMapper", userAuthoritiesMapperRef);
    }
    this.oauth2LoginAuthenticationProvider = oauth2LoginAuthenticationProviderBuilder.getBeanDefinition();
    // The OIDC provider receives the same token response client and mapper reference.
    this.oauth2LoginOidcAuthenticationProvider = getOidcAuthProvider(element, accessTokenResponseClient, userAuthoritiesMapperRef);
    // Redirect filter: built from a custom request resolver when one is referenced,
    // otherwise from the client registration repository.
    BeanDefinitionBuilder oauth2AuthorizationRequestRedirectFilterBuilder = BeanDefinitionBuilder.rootBeanDefinition(OAuth2AuthorizationRequestRedirectFilter.class);
    String authorizationRequestResolverRef = element.getAttribute(ATT_AUTHORIZATION_REQUEST_RESOLVER_REF);
    if (!StringUtils.isEmpty(authorizationRequestResolverRef)) {
        oauth2AuthorizationRequestRedirectFilterBuilder.addConstructorArgReference(authorizationRequestResolverRef);
    } else {
        oauth2AuthorizationRequestRedirectFilterBuilder.addConstructorArgValue(clientRegistrationRepository);
    }
    // Same authorizationRequestRepository element as on the login filter above, so both
    // filters are configured against one store for the pending authorization request.
    oauth2AuthorizationRequestRedirectFilterBuilder.addPropertyValue("authorizationRequestRepository", authorizationRequestRepository).addPropertyValue("requestCache", this.requestCache);
    this.oauth2AuthorizationRequestRedirectFilter = oauth2AuthorizationRequestRedirectFilterBuilder.getBeanDefinition();
    // Success handler: a referenced bean, or a SavedRequestAwareAuthenticationSuccessHandler
    // bound to this parser's request cache.
    String authenticationSuccessHandlerRef = element.getAttribute(ATT_AUTHENTICATION_SUCCESS_HANDLER_REF);
    if (!StringUtils.isEmpty(authenticationSuccessHandlerRef)) {
        oauth2LoginAuthenticationFilterBuilder.addPropertyReference("authenticationSuccessHandler", authenticationSuccessHandlerRef);
    } else {
        BeanDefinitionBuilder successHandlerBuilder = BeanDefinitionBuilder.rootBeanDefinition("org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler").addPropertyValue("requestCache", this.requestCache);
        oauth2LoginAuthenticationFilterBuilder.addPropertyValue("authenticationSuccessHandler", successHandlerBuilder.getBeanDefinition());
    }
    // Entry point: an explicit login page wins; otherwise a delegating entry point is built
    // only when getLoginEntryPoint returns a mapping. When it returns null this method
    // leaves the entry-point field untouched.
    String loginPage = element.getAttribute(ATT_LOGIN_PAGE);
    if (!StringUtils.isEmpty(loginPage)) {
        WebConfigUtils.validateHttpRedirect(loginPage, parserContext, source);
        this.oauth2LoginAuthenticationEntryPoint = BeanDefinitionBuilder.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class).addConstructorArgValue(loginPage).addPropertyValue("portMapper", this.portMapper).addPropertyValue("portResolver", this.portResolver).getBeanDefinition();
    } else {
        Map<RequestMatcher, AuthenticationEntryPoint> entryPoint = getLoginEntryPoint(element);
        if (entryPoint != null) {
            this.oauth2LoginAuthenticationEntryPoint = BeanDefinitionBuilder.rootBeanDefinition(DelegatingAuthenticationEntryPoint.class).addConstructorArgValue(entryPoint).addPropertyValue("defaultEntryPoint", new LoginUrlAuthenticationEntryPoint(DEFAULT_LOGIN_URI)).getBeanDefinition();
        }
    }
    // Failure handler: a referenced bean, or a SimpleUrlAuthenticationFailureHandler that
    // targets the default login URI with the error parameter appended as the query string.
    String authenticationFailureHandlerRef = element.getAttribute(ATT_AUTHENTICATION_FAILURE_HANDLER_REF);
    if (!StringUtils.isEmpty(authenticationFailureHandlerRef)) {
        oauth2LoginAuthenticationFilterBuilder.addPropertyReference("authenticationFailureHandler", authenticationFailureHandlerRef);
    } else {
        BeanDefinitionBuilder failureHandlerBuilder = BeanDefinitionBuilder.rootBeanDefinition("org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler");
        failureHandlerBuilder.addConstructorArgValue(DEFAULT_LOGIN_URI + "?" + DefaultLoginPageGeneratingFilter.ERROR_PARAMETER_NAME);
        failureHandlerBuilder.addPropertyValue("allowSessionCreation", this.allowSessionCreation);
        oauth2LoginAuthenticationFilterBuilder.addPropertyValue("authenticationFailureHandler", failureHandlerBuilder.getBeanDefinition());
    }
    // Login links are produced lazily by calling getLoginLinks on the helper bean registered first.
    this.oauth2LoginLinks = BeanDefinitionBuilder.rootBeanDefinition(Map.class).setFactoryMethodOnBean("getLoginLinks", oauth2LoginBeanConfigId).getBeanDefinition();
    return oauth2LoginAuthenticationFilterBuilder.getBeanDefinition();
}
Also used : RequestHeaderRequestMatcher(org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) OrRequestMatcher(org.springframework.security.web.util.matcher.OrRequestMatcher) AndRequestMatcher(org.springframework.security.web.util.matcher.AndRequestMatcher) NegatedRequestMatcher(org.springframework.security.web.util.matcher.NegatedRequestMatcher) MediaTypeRequestMatcher(org.springframework.security.web.util.matcher.MediaTypeRequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) BeanDefinition(org.springframework.beans.factory.config.BeanDefinition) LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint) OAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository) BeanMetadataElement(org.springframework.beans.BeanMetadataElement) BeanDefinitionBuilder(org.springframework.beans.factory.support.BeanDefinitionBuilder) OAuth2LoginAuthenticationFilter(org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter) LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint) DelegatingAuthenticationEntryPoint(org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint) AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) BeanComponentDefinition(org.springframework.beans.factory.parsing.BeanComponentDefinition) RuntimeBeanReference(org.springframework.beans.factory.config.RuntimeBeanReference) Map(java.util.Map) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap)

Example 13 with ClientRegistrationRepository

use of org.springframework.security.oauth2.client.registration.ClientRegistrationRepository in project spring-security by spring-projects.

the class OAuth2ClientConfigurationTests method requestWhenAuthorizedClientNotFoundAndClientCredentialsThenTokenResponseClientIsUsed.

/**
 * With no authorized client stored for a client-credentials registration, the request to
 * {@code /authorized-client} must succeed and the access token response client must be
 * asked for a token exactly once.
 *
 * <p>The authorized-client repository mock is left unstubbed, so nothing is returned for
 * the principal; the token value and credentials below are fixed test literals.
 */
@Test
public void requestWhenAuthorizedClientNotFoundAndClientCredentialsThenTokenResponseClientIsUsed() throws Exception {
    String registrationId = "client1";
    String username = "user1";
    TestingAuthenticationToken principal = new TestingAuthenticationToken(username, "password");

    ClientRegistrationRepository registrations = mock(ClientRegistrationRepository.class);
    OAuth2AuthorizedClientRepository authorizedClients = mock(OAuth2AuthorizedClientRepository.class);
    OAuth2AccessTokenResponseClient tokenClient = mock(OAuth2AccessTokenResponseClient.class);

    ClientRegistration registration = TestClientRegistrations.clientCredentials()
            .registrationId(registrationId)
            .build();
    given(registrations.findByRegistrationId(registrationId)).willReturn(registration);

    // @formatter:off
    OAuth2AccessTokenResponse tokenResponse = OAuth2AccessTokenResponse
            .withToken("access-token-1234")
            .tokenType(OAuth2AccessToken.TokenType.BEARER)
            .expiresIn(300)
            .build();
    // @formatter:on
    given(tokenClient.getTokenResponse(any(OAuth2ClientCredentialsGrantRequest.class))).willReturn(tokenResponse);

    // NOTE(review): these are static fields on the test configuration class, so the mocks
    // outlive this method unless something resets them - confirm against the class setup.
    OAuth2AuthorizedClientArgumentResolverConfig.CLIENT_REGISTRATION_REPOSITORY = registrations;
    OAuth2AuthorizedClientArgumentResolverConfig.AUTHORIZED_CLIENT_REPOSITORY = authorizedClients;
    OAuth2AuthorizedClientArgumentResolverConfig.ACCESS_TOKEN_RESPONSE_CLIENT = tokenClient;
    this.spring.register(OAuth2AuthorizedClientArgumentResolverConfig.class).autowire();

    // @formatter:off
    this.mockMvc.perform(get("/authorized-client").with(authentication(principal)))
            .andExpect(status().isOk())
            .andExpect(content().string("resolved"));
    // @formatter:on

    // A bare verify(...) checks for exactly one invocation.
    verify(tokenClient).getTokenResponse(any(OAuth2ClientCredentialsGrantRequest.class));
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) ClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) OAuth2AccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient) OAuth2ClientCredentialsGrantRequest(org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest) OAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository) Test(org.junit.jupiter.api.Test)

Example 14 with ClientRegistrationRepository

use of org.springframework.security.oauth2.client.registration.ClientRegistrationRepository in project spring-security by spring-projects.

the class OAuth2ClientConfigurationTests method requestWhenAuthorizedClientManagerConfiguredThenUsed.

// gh-8700
/**
 * When an {@code OAuth2AuthorizedClientManager} is configured, resolving the authorized
 * client must go through that manager only: the manager's {@code authorize} is called and
 * neither the client registration repository nor the authorized-client repository is touched.
 */
@Test
public void requestWhenAuthorizedClientManagerConfiguredThenUsed() throws Exception {
    String registrationId = "client1";
    String username = "user1";
    TestingAuthenticationToken principal = new TestingAuthenticationToken(username, "password");

    ClientRegistrationRepository registrations = mock(ClientRegistrationRepository.class);
    OAuth2AuthorizedClientRepository authorizedClients = mock(OAuth2AuthorizedClientRepository.class);
    OAuth2AuthorizedClientManager manager = mock(OAuth2AuthorizedClientManager.class);

    ClientRegistration registration = TestClientRegistrations.clientRegistration()
            .registrationId(registrationId)
            .build();
    // The manager answers every authorize call with a ready-made authorized client.
    OAuth2AuthorizedClient resolvedClient =
            new OAuth2AuthorizedClient(registration, username, TestOAuth2AccessTokens.noScopes());
    given(manager.authorize(any())).willReturn(resolvedClient);

    // NOTE(review): static fields on the test configuration class; the mocks stay assigned
    // after this method unless reset elsewhere - confirm against the class setup.
    OAuth2AuthorizedClientManagerRegisteredConfig.CLIENT_REGISTRATION_REPOSITORY = registrations;
    OAuth2AuthorizedClientManagerRegisteredConfig.AUTHORIZED_CLIENT_REPOSITORY = authorizedClients;
    OAuth2AuthorizedClientManagerRegisteredConfig.AUTHORIZED_CLIENT_MANAGER = manager;
    this.spring.register(OAuth2AuthorizedClientManagerRegisteredConfig.class).autowire();

    // @formatter:off
    this.mockMvc.perform(get("/authorized-client").with(authentication(principal)))
            .andExpect(status().isOk())
            .andExpect(content().string("resolved"));
    // @formatter:on

    verify(manager).authorize(any());
    // The two repositories must be bypassed entirely when a manager is present.
    verifyNoInteractions(registrations);
    verifyNoInteractions(authorizedClients);
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) ClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository) RegisteredOAuth2AuthorizedClient(org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) OAuth2AuthorizedClientManager(org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager) OAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository) Test(org.junit.jupiter.api.Test)

Example 15 with ClientRegistrationRepository

use of org.springframework.security.oauth2.client.registration.ClientRegistrationRepository in project spring-security by spring-projects.

the class OAuth2ClientConfigurationTests method requestWhenAuthorizedClientFoundThenMethodArgumentResolved.

/**
 * When the authorized-client repository already holds a client for the principal, the
 * request to {@code /authorized-client} must resolve the argument from it and must not
 * call the access token response client at all.
 */
@Test
public void requestWhenAuthorizedClientFoundThenMethodArgumentResolved() throws Exception {
    String registrationId = "client1";
    String username = "user1";
    TestingAuthenticationToken principal = new TestingAuthenticationToken(username, "password");

    ClientRegistration registration = TestClientRegistrations.clientRegistration()
            .registrationId(registrationId)
            .build();
    ClientRegistrationRepository registrations = mock(ClientRegistrationRepository.class);
    given(registrations.findByRegistrationId(eq(registrationId))).willReturn(registration);

    // The stored client is a mock exposing only its registration and an access token.
    OAuth2AuthorizedClientRepository authorizedClients = mock(OAuth2AuthorizedClientRepository.class);
    OAuth2AuthorizedClient storedClient = mock(OAuth2AuthorizedClient.class);
    given(storedClient.getClientRegistration()).willReturn(registration);
    given(authorizedClients.loadAuthorizedClient(eq(registrationId), eq(principal), any(HttpServletRequest.class)))
            .willReturn(storedClient);
    OAuth2AccessToken token = mock(OAuth2AccessToken.class);
    given(storedClient.getAccessToken()).willReturn(token);

    OAuth2AccessTokenResponseClient tokenClient = mock(OAuth2AccessTokenResponseClient.class);

    // NOTE(review): static fields on the test configuration class; the mocks stay assigned
    // after this method unless reset elsewhere - confirm against the class setup.
    OAuth2AuthorizedClientArgumentResolverConfig.CLIENT_REGISTRATION_REPOSITORY = registrations;
    OAuth2AuthorizedClientArgumentResolverConfig.AUTHORIZED_CLIENT_REPOSITORY = authorizedClients;
    OAuth2AuthorizedClientArgumentResolverConfig.ACCESS_TOKEN_RESPONSE_CLIENT = tokenClient;
    this.spring.register(OAuth2AuthorizedClientArgumentResolverConfig.class).autowire();

    MockHttpServletRequestBuilder authenticatedRequest = get("/authorized-client").with(authentication(principal));
    // @formatter:off
    this.mockMvc.perform(authenticatedRequest)
            .andExpect(status().isOk())
            .andExpect(content().string("resolved"));
    // @formatter:on

    // NOTE(review): verifyZeroInteractions is deprecated in Mockito 3 in favour of
    // verifyNoInteractions; switch once that static import is confirmed for this file.
    verifyZeroInteractions(tokenClient);
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) ClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository) RegisteredOAuth2AuthorizedClient(org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) OAuth2AccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient) OAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)10 ClientRegistrationRepository (org.springframework.security.oauth2.client.registration.ClientRegistrationRepository)10 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)7 InMemoryClientRegistrationRepository (org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository)5 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)4 OAuth2AuthorizedClientRepository (org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository)4 OAuth2AccessTokenResponseClient (org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient)3 HashMap (java.util.HashMap)2 LinkedHashMap (java.util.LinkedHashMap)2 BeforeEach (org.junit.jupiter.api.BeforeEach)2 BeanMetadataElement (org.springframework.beans.BeanMetadataElement)2 RuntimeBeanReference (org.springframework.beans.factory.config.RuntimeBeanReference)2 BeanDefinitionBuilder (org.springframework.beans.factory.support.BeanDefinitionBuilder)2 ResolvableType (org.springframework.core.ResolvableType)2 OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient)2 RegisteredOAuth2AuthorizedClient (org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient)2 ReactiveClientRegistrationRepository (org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository)2 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)2 HttpServletRequest (jakarta.servlet.http.HttpServletRequest)1 Arrays (java.util.Arrays)1