
Example 16 with OAuth2ContextConfiguration

use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.

the class AuthorizationCodeProviderTests method testWrongRedirectUri.

@Test
@OAuth2ContextConfiguration(resource = MyLessTrustedClient.class, initialize = false)
public void testWrongRedirectUri() throws Exception {
    approveAccessTokenGrant("http://anywhere", true);
    AccessTokenRequest request = context.getAccessTokenRequest();
    // The redirect is stored in the preserved state...
    context.getOAuth2ClientContext().setPreservedState(request.getStateKey(), "http://nowhere");
    // Finally everything is in place for the grant to happen...
    try {
        assertNotNull(context.getAccessToken());
        fail("Expected RedirectMismatchException");
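    } catch (RedirectMismatchException e) {
        // expected: the preserved redirect ("http://nowhere") does not match
        // the one the grant was approved with ("http://anywhere")
    }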
    assertEquals(HttpStatus.BAD_REQUEST, tokenEndpointResponse.getStatusCode());
}
Also used : RedirectMismatchException(org.springframework.security.oauth2.common.exceptions.RedirectMismatchException) AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Example 17 with OAuth2ContextConfiguration

use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.

the class ClientCredentialsProviderTests method testPostForToken.

/**
 * tests the basic provider
 */
@Test
@OAuth2ContextConfiguration(ClientCredentials.class)
public void testPostForToken() throws Exception {
    OAuth2AccessToken token = context.getAccessToken();
    assertNull(token.getRefreshToken());
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Example 18 with OAuth2ContextConfiguration

use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.

the class ClientCredentialsProviderTests method testInvalidCredentials.

@Test
@OAuth2ContextConfiguration(resource = InvalidClientCredentials.class, initialize = false)
public void testInvalidCredentials() throws Exception {
    context.setAccessTokenProvider(new ClientCredentialsAccessTokenProvider() {

        @Override
        protected ResponseErrorHandler getResponseErrorHandler() {
            return new DefaultResponseErrorHandler() {

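                // Record the error response instead of throwing, so the test can
                // assert on the status and headers afterwards.
                @Override
                public void handleError(ClientHttpResponse response) throws IOException {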
                    responseHeaders = response.getHeaders();
                    responseStatus = response.getStatusCode();
                }
            };
        }
    });
    try {
        context.getAccessToken();
        fail("Expected ResourceAccessException");
    } catch (Exception e) {
        // ignore
    }
    // System.err.println(responseHeaders);
    String header = responseHeaders.getFirst("WWW-Authenticate");
    assertTrue("Wrong header: " + header, header.contains("Basic realm"));
    assertEquals(HttpStatus.UNAUTHORIZED, responseStatus);
}
Also used : DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) ResponseErrorHandler(org.springframework.web.client.ResponseErrorHandler) IOException(java.io.IOException) ClientCredentialsAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Example 19 with OAuth2ContextConfiguration

use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.

the class ClientCredentialsProviderTests method testPostForTokenWithNoScopes.

/**
 * tests that the registered scopes are used as defaults
 */
@Test
@OAuth2ContextConfiguration(NoScopeClientCredentials.class)
public void testPostForTokenWithNoScopes() throws Exception {
    OAuth2AccessToken token = context.getAccessToken();
    assertFalse("Wrong scope: " + token.getScope(), token.getScope().isEmpty());
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Example 20 with OAuth2ContextConfiguration

use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.

the class AuthorizationCodeProviderTests method testSuccessfulFlowWithRegisteredRedirect.

@Test
@OAuth2ContextConfiguration(resource = MyClientWithRegisteredRedirect.class, initialize = false)
public void testSuccessfulFlowWithRegisteredRedirect() throws Exception {
    // Once the request is ready and approved, we can continue with the access token
    approveAccessTokenGrant(null, true);
    // Finally everything is in place for the grant to happen...
    assertNotNull(context.getAccessToken());
    AccessTokenRequest request = context.getAccessTokenRequest();
    assertNotNull(request.getAuthorizationCode());
    assertEquals(HttpStatus.OK, serverRunning.getStatusCode("/sparklr2/photos?format=json"));
}
Also used : AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Aggregations

Test (org.junit.Test): 28
OAuth2ContextConfiguration (org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration): 28
AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest): 9
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 7
HttpHeaders (org.springframework.http.HttpHeaders): 4
ClientHttpResponse (org.springframework.http.client.ClientHttpResponse): 4
IOException (java.io.IOException): 3
ClientCredentialsAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider): 3
InsufficientScopeException (org.springframework.security.oauth2.common.exceptions.InsufficientScopeException): 3
DefaultResponseErrorHandler (org.springframework.web.client.DefaultResponseErrorHandler): 3
ResponseErrorHandler (org.springframework.web.client.ResponseErrorHandler): 3
TestRestTemplate (org.springframework.boot.test.web.client.TestRestTemplate): 2
MediaType (org.springframework.http.MediaType): 2
OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate): 2
UserRedirectRequiredException (org.springframework.security.oauth2.client.resource.UserRedirectRequiredException): 2
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails): 2
RedirectMismatchException (org.springframework.security.oauth2.common.exceptions.RedirectMismatchException): 2
HashSet (java.util.HashSet): 1
Map (java.util.Map): 1
ExecutorService (java.util.concurrent.ExecutorService): 1