use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.
the class CustomUserTypesOAuth2UserServiceTests method loadUserWhenUserInfoUriInvalidThenThrowOAuth2AuthenticationException.
@Test
public void loadUserWhenUserInfoUriInvalidThenThrowOAuth2AuthenticationException() {
String userInfoUri = "https://invalid-provider.com/user";
ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource");
}
use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.
the class CustomUserTypesOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseInvalidThenThrowOAuth2AuthenticationException.
@Test
public void loadUserWhenUserInfoSuccessResponseInvalidThenThrowOAuth2AuthenticationException() {
// @formatter:off
String userInfoResponse = "{\n" + " \"id\": \"12345\",\n" + " \"name\": \"first last\",\n" + " \"login\": \"user1\",\n" + " \"email\": \"user1@example.com\"\n";
// "}\n"; // Make the JSON invalid/malformed
// @formatter:on
this.server.enqueue(jsonResponse(userInfoResponse));
String userInfoUri = this.server.url("/user").toString();
ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource");
}
use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.
the class OAuth2UserRequestEntityConverterTests method convertWhenAuthenticationMethodHeaderThenGetRequest.
@SuppressWarnings("unchecked")
@Test
public void convertWhenAuthenticationMethodHeaderThenGetRequest() {
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
OAuth2UserRequest userRequest = new OAuth2UserRequest(clientRegistration, this.createAccessToken());
RequestEntity<?> requestEntity = this.converter.convert(userRequest);
assertThat(requestEntity.getMethod()).isEqualTo(HttpMethod.GET);
assertThat(requestEntity.getUrl().toASCIIString()).isEqualTo(clientRegistration.getProviderDetails().getUserInfoEndpoint().getUri());
HttpHeaders headers = requestEntity.getHeaders();
assertThat(headers.getAccept()).contains(MediaType.APPLICATION_JSON);
assertThat(headers.getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer " + userRequest.getAccessToken().getTokenValue());
}
use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.
the class OAuth2UserRequestEntityConverterTests method convertWhenAuthenticationMethodFormThenPostRequest.
@SuppressWarnings("unchecked")
@Test
public void convertWhenAuthenticationMethodFormThenPostRequest() {
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().userInfoAuthenticationMethod(AuthenticationMethod.FORM).build();
OAuth2UserRequest userRequest = new OAuth2UserRequest(clientRegistration, this.createAccessToken());
RequestEntity<?> requestEntity = this.converter.convert(userRequest);
assertThat(requestEntity.getMethod()).isEqualTo(HttpMethod.POST);
assertThat(requestEntity.getUrl().toASCIIString()).isEqualTo(clientRegistration.getProviderDetails().getUserInfoEndpoint().getUri());
HttpHeaders headers = requestEntity.getHeaders();
assertThat(headers.getAccept()).contains(MediaType.APPLICATION_JSON);
assertThat(headers.getContentType()).isEqualTo(MediaType.valueOf(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"));
MultiValueMap<String, String> formParameters = (MultiValueMap<String, String>) requestEntity.getBody();
assertThat(formParameters.getFirst(OAuth2ParameterNames.ACCESS_TOKEN)).isEqualTo(userRequest.getAccessToken().getTokenValue());
}
use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.
the class CustomUserTypesOAuth2UserServiceTests method loadUserWhenServerErrorThenThrowOAuth2AuthenticationException.
@Test
public void loadUserWhenServerErrorThenThrowOAuth2AuthenticationException() {
this.server.enqueue(new MockResponse().setResponseCode(500));
String userInfoUri = this.server.url("/user").toString();
ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource: 500 Server Error");
}
Aggregations