
Example 31 with OAuth2UserRequest

Use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

In class OAuth2LoginReactiveAuthenticationManager, method onSuccess:

private Mono<OAuth2LoginAuthenticationToken> onSuccess(OAuth2AuthorizationCodeAuthenticationToken authentication) {
    OAuth2AccessToken accessToken = authentication.getAccessToken();
    Map<String, Object> additionalParameters = authentication.getAdditionalParameters();
    OAuth2UserRequest userRequest = new OAuth2UserRequest(authentication.getClientRegistration(), accessToken, additionalParameters);
    return this.userService.loadUser(userRequest).map((oauth2User) -> {
        Collection<? extends GrantedAuthority> mappedAuthorities = this.authoritiesMapper.mapAuthorities(oauth2User.getAuthorities());
        OAuth2LoginAuthenticationToken authenticationResult = new OAuth2LoginAuthenticationToken(authentication.getClientRegistration(), authentication.getAuthorizationExchange(), oauth2User, mappedAuthorities, accessToken, authentication.getRefreshToken());
        return authenticationResult;
    });
}
Also used: OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken), OAuth2UserRequest (org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest)

Example 32 with OAuth2UserRequest

Use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

In class DefaultOAuth2UserServiceTests, method loadUserWhenUserInfoSuccessResponseThenAcceptHeaderJson:

// gh-5294
@Test
public void loadUserWhenUserInfoSuccessResponseThenAcceptHeaderJson() throws Exception {
    // @formatter:off
    String userInfoResponse = "{\n"
            + "   \"user-name\": \"user1\",\n"
            + "   \"first-name\": \"first\",\n"
            + "   \"last-name\": \"last\",\n"
            + "   \"middle-name\": \"middle\",\n"
            + "   \"address\": \"address\",\n"
            + "   \"email\": \"user1@example.com\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken));
    assertThat(this.server.takeRequest(1, TimeUnit.SECONDS).getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE);
}
Also used: ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration), Test (org.junit.jupiter.api.Test)

Example 33 with OAuth2UserRequest

Use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

In class DefaultOAuth2UserServiceTests, method loadUserWhenUserInfoUriInvalidThenThrowOAuth2AuthenticationException:

@Test
public void loadUserWhenUserInfoUriInvalidThenThrowOAuth2AuthenticationException() {
    String userInfoUri = "https://invalid-provider.com/user";
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken))).withMessageContaining("[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource");
}
Also used: ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration), Test (org.junit.jupiter.api.Test)

Example 34 with OAuth2UserRequest

Use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

In class DefaultOAuth2UserServiceTests, method loadUserWhenAuthenticationMethodHeaderSuccessResponseThenHttpMethodGet:

// gh-5500
@Test
public void loadUserWhenAuthenticationMethodHeaderSuccessResponseThenHttpMethodGet() throws Exception {
    // @formatter:off
    String userInfoResponse = "{\n"
            + "   \"user-name\": \"user1\",\n"
            + "   \"first-name\": \"first\",\n"
            + "   \"last-name\": \"last\",\n"
            + "   \"middle-name\": \"middle\",\n"
            + "   \"address\": \"address\",\n"
            + "   \"email\": \"user1@example.com\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken));
    RecordedRequest request = this.server.takeRequest();
    assertThat(request.getMethod()).isEqualTo(HttpMethod.GET.name());
    assertThat(request.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE);
    assertThat(request.getHeader(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer " + this.accessToken.getTokenValue());
}
Also used: RecordedRequest (okhttp3.mockwebserver.RecordedRequest), ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration), Test (org.junit.jupiter.api.Test)

Example 35 with OAuth2UserRequest

Use of org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest in project spring-security by spring-projects.

In class DelegatingOAuth2UserServiceTests, method loadUserWhenUserServiceCannotLoadThenReturnNull:

@Test
@SuppressWarnings("unchecked")
public void loadUserWhenUserServiceCannotLoadThenReturnNull() {
    OAuth2UserService<OAuth2UserRequest, OAuth2User> userService1 = mock(OAuth2UserService.class);
    OAuth2UserService<OAuth2UserRequest, OAuth2User> userService2 = mock(OAuth2UserService.class);
    OAuth2UserService<OAuth2UserRequest, OAuth2User> userService3 = mock(OAuth2UserService.class);
    DelegatingOAuth2UserService<OAuth2UserRequest, OAuth2User> delegatingUserService = new DelegatingOAuth2UserService<>(Arrays.asList(userService1, userService2, userService3));
    OAuth2User loadedUser = delegatingUserService.loadUser(mock(OAuth2UserRequest.class));
    assertThat(loadedUser).isNull();
}
Also used: OAuth2User (org.springframework.security.oauth2.core.user.OAuth2User), Test (org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test): 28
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration): 22
OAuth2User (org.springframework.security.oauth2.core.user.OAuth2User): 16
HashMap (java.util.HashMap): 6
OAuth2UserRequest (org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest): 6
OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException): 6
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken): 5
MockResponse (okhttp3.mockwebserver.MockResponse): 4
HttpHeaders (org.springframework.http.HttpHeaders): 4
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 4
OAuth2UserAuthority (org.springframework.security.oauth2.core.user.OAuth2UserAuthority): 4
Map (java.util.Map): 3
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 3
OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error): 3
DefaultOAuth2User (org.springframework.security.oauth2.core.user.DefaultOAuth2User): 3
LinkedHashSet (java.util.LinkedHashSet): 2
Set (java.util.Set): 2
RecordedRequest (okhttp3.mockwebserver.RecordedRequest): 2
GrantedAuthoritiesMapper (org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper): 2
OAuth2AuthorizationCodeGrantRequest (org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest): 2