Search in sources :

Example 11 with OAuth2UserRequest

use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenServerErrorThenThrowOAuth2AuthenticationException.

@Test
public void loadUserWhenServerErrorThenThrowOAuth2AuthenticationException() {
    this.server.enqueue(new MockResponse().setResponseCode(500));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource: 500 Server Error");
}
Also used : MockResponse(okhttp3.mockwebserver.MockResponse) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test)

Example 12 with OAuth2UserRequest

use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenAuthenticationMethodFormSuccessResponseThenHttpMethodPost.

// gh-5500
@Test
public void loadUserWhenAuthenticationMethodFormSuccessResponseThenHttpMethodPost() throws Exception {
    // @formatter:off
    String userInfoResponse = "{\n" + "   \"user-name\": \"user1\",\n" + "   \"first-name\": \"first\",\n" + "   \"last-name\": \"last\",\n" + "   \"middle-name\": \"middle\",\n" + "   \"address\": \"address\",\n" + "   \"email\": \"user1@example.com\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.FORM).userNameAttributeName("user-name").build();
    this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken));
    RecordedRequest request = this.server.takeRequest();
    assertThat(request.getMethod()).isEqualTo(HttpMethod.POST.name());
    assertThat(request.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE);
    assertThat(request.getHeader(HttpHeaders.CONTENT_TYPE)).contains(MediaType.APPLICATION_FORM_URLENCODED_VALUE);
    assertThat(request.getBody().readUtf8()).isEqualTo("access_token=" + this.accessToken.getTokenValue());
}
Also used : RecordedRequest(okhttp3.mockwebserver.RecordedRequest) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test)

Example 13 with OAuth2UserRequest

use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

the class OAuth2LoginReactiveAuthenticationManagerTests method authenticateWhenTokenSuccessResponseThenAdditionalParametersAddedToUserRequest.

// gh-5368
@Test
public void authenticateWhenTokenSuccessResponseThenAdditionalParametersAddedToUserRequest() {
    Map<String, Object> additionalParameters = new HashMap<>();
    additionalParameters.put("param1", "value1");
    additionalParameters.put("param2", "value2");
    OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("foo").tokenType(OAuth2AccessToken.TokenType.BEARER).additionalParameters(additionalParameters).build();
    given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(Mono.just(accessTokenResponse));
    DefaultOAuth2User user = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), Collections.singletonMap("user", "rob"), "user");
    ArgumentCaptor<OAuth2UserRequest> userRequestArgCaptor = ArgumentCaptor.forClass(OAuth2UserRequest.class);
    given(this.userService.loadUser(userRequestArgCaptor.capture())).willReturn(Mono.just(user));
    this.manager.authenticate(loginToken()).block();
    assertThat(userRequestArgCaptor.getValue().getAdditionalParameters()).containsAllEntriesOf(accessTokenResponse.getAdditionalParameters());
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) HashMap(java.util.HashMap) DefaultOAuth2User(org.springframework.security.oauth2.core.user.DefaultOAuth2User) OAuth2UserRequest(org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest) Test(org.junit.jupiter.api.Test)

Example 14 with OAuth2UserRequest

use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

the class CustomUserTypesOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseThenReturnUser.

@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
    // @formatter:off
    String userInfoResponse = "{\n" + "   \"id\": \"12345\",\n" + "   \"name\": \"first last\",\n" + "   \"login\": \"user1\",\n" + "   \"email\": \"user1@example.com\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
    OAuth2User user = this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken));
    assertThat(user.getName()).isEqualTo("first last");
    assertThat(user.getAttributes().size()).isEqualTo(4);
    assertThat((String) user.getAttribute("id")).isEqualTo("12345");
    assertThat((String) user.getAttribute("name")).isEqualTo("first last");
    assertThat((String) user.getAttribute("login")).isEqualTo("user1");
    assertThat((String) user.getAttribute("email")).isEqualTo("user1@example.com");
    assertThat(user.getAuthorities().size()).isEqualTo(1);
    assertThat(user.getAuthorities().iterator().next().getAuthority()).isEqualTo("ROLE_USER");
}
Also used : OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test)

Example 15 with OAuth2UserRequest

use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

the class DefaultReactiveOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseThenReturnUser.

@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
    // @formatter:off
    String userInfoResponse = "{\n" + "   \"id\": \"user1\",\n" + "   \"first-name\": \"first\",\n" + "   \"last-name\": \"last\",\n" + "   \"middle-name\": \"middle\",\n" + "   \"address\": \"address\",\n" + "   \"email\": \"user1@example.com\"\n" + "}\n";
    // @formatter:on
    enqueueApplicationJsonBody(userInfoResponse);
    OAuth2User user = this.userService.loadUser(oauth2UserRequest()).block();
    assertThat(user.getName()).isEqualTo("user1");
    assertThat(user.getAttributes().size()).isEqualTo(6);
    assertThat((String) user.getAttribute("id")).isEqualTo("user1");
    assertThat((String) user.getAttribute("first-name")).isEqualTo("first");
    assertThat((String) user.getAttribute("last-name")).isEqualTo("last");
    assertThat((String) user.getAttribute("middle-name")).isEqualTo("middle");
    assertThat((String) user.getAttribute("address")).isEqualTo("address");
    assertThat((String) user.getAttribute("email")).isEqualTo("user1@example.com");
    assertThat(user.getAuthorities().size()).isEqualTo(1);
    assertThat(user.getAuthorities().iterator().next()).isInstanceOf(OAuth2UserAuthority.class);
    OAuth2UserAuthority userAuthority = (OAuth2UserAuthority) user.getAuthorities().iterator().next();
    assertThat(userAuthority.getAuthority()).isEqualTo("ROLE_USER");
    assertThat(userAuthority.getAttributes()).isEqualTo(user.getAttributes());
}
Also used : OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) OAuth2UserAuthority(org.springframework.security.oauth2.core.user.OAuth2UserAuthority) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)28 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)22 OAuth2User (org.springframework.security.oauth2.core.user.OAuth2User)16 HashMap (java.util.HashMap)6 OAuth2UserRequest (org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest)6 OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException)6 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)5 MockResponse (okhttp3.mockwebserver.MockResponse)4 HttpHeaders (org.springframework.http.HttpHeaders)4 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)4 OAuth2UserAuthority (org.springframework.security.oauth2.core.user.OAuth2UserAuthority)4 Map (java.util.Map)3 GrantedAuthority (org.springframework.security.core.GrantedAuthority)3 OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error)3 DefaultOAuth2User (org.springframework.security.oauth2.core.user.DefaultOAuth2User)3 LinkedHashSet (java.util.LinkedHashSet)2 Set (java.util.Set)2 RecordedRequest (okhttp3.mockwebserver.RecordedRequest)2 GrantedAuthoritiesMapper (org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper)2 OAuth2AuthorizationCodeGrantRequest (org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest)2