Example 26 with OAuth2ContextConfiguration
use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.
the class AbstractAuthorizationCodeProviderTests method testWrongRedirectUri.
@Test
@OAuth2ContextConfiguration(resource = MyTrustedClient.class, initialize = false)
public void testWrongRedirectUri() throws Exception {
approveAccessTokenGrant("http://anywhere", true);
AccessTokenRequest request = context.getAccessTokenRequest();
// The redirect is stored in the preserved state...
context.getOAuth2ClientContext().setPreservedState(request.getStateKey(), "http://nowhere");
// Finally everything is in place for the grant to happen...
try {
assertNotNull(context.getAccessToken());
fail("Expected RedirectMismatchException");
} catch (RedirectMismatchException e) {
// expected
}
assertEquals(HttpStatus.BAD_REQUEST, tokenEndpointResponse.getStatusCode());
}
Also used :
RedirectMismatchException(org.springframework.security.oauth2.common.exceptions.RedirectMismatchException)
AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest)
OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration)
Test(org.junit.Test)
Example 27 with OAuth2ContextConfiguration
use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.
the class AbstractAuthorizationCodeProviderTests method testSuccessfulAuthorizationCodeFlow.
@Test
@OAuth2ContextConfiguration(resource = MyTrustedClient.class, initialize = false)
public void testSuccessfulAuthorizationCodeFlow() throws Exception {
// Once the request is ready and approved, we can continue with the access token
approveAccessTokenGrant("http://anywhere", true);
// Finally everything is in place for the grant to happen...
assertNotNull(context.getAccessToken());
AccessTokenRequest request = context.getAccessTokenRequest();
assertNotNull(request.getAuthorizationCode());
assertEquals(HttpStatus.OK, http.getStatusCode("/admin/beans"));
}
Also used :
AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest)
OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration)
Test(org.junit.Test)
Example 28 with OAuth2ContextConfiguration
use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.
the class AbstractClientCredentialsProviderTests method testPostForToken.
/**
* tests the basic provider
*/
@Test
@OAuth2ContextConfiguration(ClientCredentials.class)
public void testPostForToken() throws Exception {
OAuth2AccessToken token = context.getAccessToken();
assertNull(token.getRefreshToken());
}
Also used :
OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken)
OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration)
Test(org.junit.Test)
Example 29 with OAuth2ContextConfiguration
use of org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration in project spring-security-oauth by spring-projects.
the class ClientCredentialsProviderTests method testCheckToken.
/**
* tests the check_token endpoint
*/
@Test
@OAuth2ContextConfiguration(ClientCredentials.class)
public void testCheckToken() throws Exception {
OAuth2AccessToken token = context.getAccessToken();
HttpHeaders headers = new HttpHeaders();
headers.set("Content-Type", MediaType.APPLICATION_FORM_URLENCODED_VALUE);
@SuppressWarnings("rawtypes") ResponseEntity<Map> response = new TestRestTemplate("my-client-with-secret", "secret").exchange(http.getUrl(checkTokenPath()), HttpMethod.POST, new HttpEntity<String>("token=" + token.getValue(), headers), Map.class);
assertEquals(HttpStatus.OK, response.getStatusCode());
@SuppressWarnings("unchecked") Map<String, Object> map = (Map<String, Object>) response.getBody();
assertTrue(map.containsKey(AccessTokenConverter.EXP));
assertEquals("my-client-with-secret", map.get(AccessTokenConverter.CLIENT_ID));
}
Also used :
HttpHeaders(org.springframework.http.HttpHeaders)
TestRestTemplate(org.springframework.boot.test.web.client.TestRestTemplate)
OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken)
Map(java.util.Map)
OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration)
Test(org.junit.Test)
Aggregations
Test (org.junit.Test)28
OAuth2ContextConfiguration (org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration)28
AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest)9
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)7
HttpHeaders (org.springframework.http.HttpHeaders)4
ClientHttpResponse (org.springframework.http.client.ClientHttpResponse)4
IOException (java.io.IOException)3
ClientCredentialsAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider)3
InsufficientScopeException (org.springframework.security.oauth2.common.exceptions.InsufficientScopeException)3
DefaultResponseErrorHandler (org.springframework.web.client.DefaultResponseErrorHandler)3
ResponseErrorHandler (org.springframework.web.client.ResponseErrorHandler)3
TestRestTemplate (org.springframework.boot.test.web.client.TestRestTemplate)2
MediaType (org.springframework.http.MediaType)2
OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate)2
UserRedirectRequiredException (org.springframework.security.oauth2.client.resource.UserRedirectRequiredException)2
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)2
RedirectMismatchException (org.springframework.security.oauth2.common.exceptions.RedirectMismatchException)2
HashSet (java.util.HashSet)1
Map (java.util.Map)1
ExecutorService (java.util.concurrent.ExecutorService)1
