Example 1 with DefaultOAuth2UserService
use of org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService in project spring-security by spring-projects.
the class DefaultOAuth2UserServiceTests method loadUserWhenTokenContainsScopesThenIndividualScopeAuthorities.
@Test
public void loadUserWhenTokenContainsScopesThenIndividualScopeAuthorities() {
Map<String, Object> body = new HashMap<>();
body.put("id", "id");
DefaultOAuth2UserService userService = withMockResponse(body);
OAuth2UserRequest request = new OAuth2UserRequest(TestClientRegistrations.clientRegistration().build(), TestOAuth2AccessTokens.scopes("message:read", "message:write"));
OAuth2User user = userService.loadUser(request);
assertThat(user.getAuthorities()).hasSize(3);
Iterator<? extends GrantedAuthority> authorities = user.getAuthorities().iterator();
assertThat(authorities.next()).isInstanceOf(OAuth2UserAuthority.class);
assertThat(authorities.next()).isEqualTo(new SimpleGrantedAuthority("SCOPE_message:read"));
assertThat(authorities.next()).isEqualTo(new SimpleGrantedAuthority("SCOPE_message:write"));
}
Also used :
OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
HashMap(java.util.HashMap)
Test(org.junit.jupiter.api.Test)
Example 2 with DefaultOAuth2UserService
use of org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService in project spring-security by spring-projects.
the class DefaultOAuth2UserServiceTests method loadUserWhenTokenDoesNotContainScopesThenNoScopeAuthorities.
@Test
public void loadUserWhenTokenDoesNotContainScopesThenNoScopeAuthorities() {
Map<String, Object> body = new HashMap<>();
body.put("id", "id");
DefaultOAuth2UserService userService = withMockResponse(body);
OAuth2UserRequest request = new OAuth2UserRequest(TestClientRegistrations.clientRegistration().build(), TestOAuth2AccessTokens.noScopes());
OAuth2User user = userService.loadUser(request);
assertThat(user.getAuthorities()).hasSize(1);
Iterator<? extends GrantedAuthority> authorities = user.getAuthorities().iterator();
assertThat(authorities.next()).isInstanceOf(OAuth2UserAuthority.class);
}
Also used :
OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User)
HashMap(java.util.HashMap)
Test(org.junit.jupiter.api.Test)
Example 3 with DefaultOAuth2UserService
use of org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService in project spring-security by spring-projects.
the class OidcUserServiceTests method setup.
@BeforeEach
public void setup() throws Exception {
this.server = new MockWebServer();
this.server.start();
this.clientRegistrationBuilder = TestClientRegistrations.clientRegistration().userInfoUri(null).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName(StandardClaimNames.SUB);
this.accessToken = TestOAuth2AccessTokens.scopes(OidcScopes.OPENID, OidcScopes.PROFILE);
Map<String, Object> idTokenClaims = new HashMap<>();
idTokenClaims.put(IdTokenClaimNames.ISS, "https://provider.com");
idTokenClaims.put(IdTokenClaimNames.SUB, "subject1");
this.idToken = new OidcIdToken("access-token", Instant.MIN, Instant.MAX, idTokenClaims);
this.userService.setOauth2UserService(new DefaultOAuth2UserService());
}
Also used :
OidcIdToken(org.springframework.security.oauth2.core.oidc.OidcIdToken)
HashMap(java.util.HashMap)
MockWebServer(okhttp3.mockwebserver.MockWebServer)
DefaultOAuth2UserService(org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService)
BeforeEach(org.junit.jupiter.api.BeforeEach)
Example 4 with DefaultOAuth2UserService
use of org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService in project spring-security by spring-projects.
the class OAuth2LoginConfigurer method getOAuth2UserService.
private OAuth2UserService<OAuth2UserRequest, OAuth2User> getOAuth2UserService() {
if (this.userInfoEndpointConfig.userService != null) {
return this.userInfoEndpointConfig.userService;
}
ResolvableType type = ResolvableType.forClassWithGenerics(OAuth2UserService.class, OAuth2UserRequest.class, OAuth2User.class);
OAuth2UserService<OAuth2UserRequest, OAuth2User> bean = getBeanOrNull(type);
if (bean != null) {
return bean;
}
if (this.userInfoEndpointConfig.customUserTypes.isEmpty()) {
return new DefaultOAuth2UserService();
}
List<OAuth2UserService<OAuth2UserRequest, OAuth2User>> userServices = new ArrayList<>();
userServices.add(new CustomUserTypesOAuth2UserService(this.userInfoEndpointConfig.customUserTypes));
userServices.add(new DefaultOAuth2UserService());
return new DelegatingOAuth2UserService<>(userServices);
}
Also used :
CustomUserTypesOAuth2UserService(org.springframework.security.oauth2.client.userinfo.CustomUserTypesOAuth2UserService)
OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User)
DelegatingOAuth2UserService(org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService)
DefaultOAuth2UserService(org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService)
CustomUserTypesOAuth2UserService(org.springframework.security.oauth2.client.userinfo.CustomUserTypesOAuth2UserService)
OAuth2UserService(org.springframework.security.oauth2.client.userinfo.OAuth2UserService)
ArrayList(java.util.ArrayList)
DelegatingOAuth2UserService(org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService)
OAuth2UserRequest(org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest)
ResolvableType(org.springframework.core.ResolvableType)
DefaultOAuth2UserService(org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService)
Aggregations
HashMap (java.util.HashMap)3
OAuth2User (org.springframework.security.oauth2.core.user.OAuth2User)3
Test (org.junit.jupiter.api.Test)2
DefaultOAuth2UserService (org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService)2
ArrayList (java.util.ArrayList)1
MockWebServer (okhttp3.mockwebserver.MockWebServer)1
BeforeEach (org.junit.jupiter.api.BeforeEach)1
ResolvableType (org.springframework.core.ResolvableType)1
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)1
CustomUserTypesOAuth2UserService (org.springframework.security.oauth2.client.userinfo.CustomUserTypesOAuth2UserService)1
DelegatingOAuth2UserService (org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService)1
OAuth2UserRequest (org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest)1
OAuth2UserService (org.springframework.security.oauth2.client.userinfo.OAuth2UserService)1
OidcIdToken (org.springframework.security.oauth2.core.oidc.OidcIdToken)1
