
Example 1 with DefaultOAuth2AuthorizationRequestResolver

use of org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver in project spring-security by spring-projects.

the class OAuth2ClientConfigurerTests method setup.

/**
 * Builds the OAuth2 client fixtures used by the tests in this class: one authorization-code
 * client registration, the in-memory registration and authorized-client stores built on it,
 * the default authorization request resolver, and a mocked token response client.
 */
@BeforeEach
public void setup() {
    // Fixture values only: the client id/secret and provider URIs are test placeholders.
    // @formatter:off
    this.registration1 = TestClientRegistrations.clientRegistration()
            .registrationId("registration-1")
            .clientId("client-1")
            .clientSecret("secret")
            .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
            .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
            .redirectUri("{baseUrl}/client-1")
            .scope("user")
            .authorizationUri("https://provider.com/oauth2/authorize")
            .tokenUri("https://provider.com/oauth2/token")
            .userInfoUri("https://provider.com/oauth2/user")
            .userNameAttributeName("id")
            .clientName("client-1")
            .build();
    // @formatter:on

    // Each store wraps the previous one: registrations -> authorized clients -> per-principal view.
    clientRegistrationRepository = new InMemoryClientRegistrationRepository(this.registration1);
    authorizedClientService = new InMemoryOAuth2AuthorizedClientService(clientRegistrationRepository);
    authorizedClientRepository = new AuthenticatedPrincipalOAuth2AuthorizedClientRepository(
            authorizedClientService);

    // The second argument is the base URI under which authorization requests are resolved.
    authorizationRequestResolver = new DefaultOAuth2AuthorizationRequestResolver(
            clientRegistrationRepository, "/oauth2/authorization");

    // The token response client is a mock, so every authorization-code exchange is answered
    // with this canned bearer token instead of a call to the token URI.
    OAuth2AccessTokenResponse cannedTokenResponse = OAuth2AccessTokenResponse
            .withToken("access-token-1234")
            .tokenType(OAuth2AccessToken.TokenType.BEARER)
            .expiresIn(300)
            .build();
    accessTokenResponseClient = mock(OAuth2AccessTokenResponseClient.class);
    given(accessTokenResponseClient.getTokenResponse(any(OAuth2AuthorizationCodeGrantRequest.class)))
            .willReturn(cannedTokenResponse);

    requestCache = mock(RequestCache.class);
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) RequestCache(org.springframework.security.web.savedrequest.RequestCache) OAuth2AuthorizationCodeGrantRequest(org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest) InMemoryOAuth2AuthorizedClientService(org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService) InMemoryClientRegistrationRepository(org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository) AuthenticatedPrincipalOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository) OAuth2AccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient) DefaultOAuth2AuthorizationRequestResolver(org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 2 with DefaultOAuth2AuthorizationRequestResolver

use of org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver in project spring-security by spring-projects.

the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenAuthorizationRequestAndAdditionalParametersProvidedThenAuthorizationRequestIncludesAdditionalParameters.

// gh-4911
/**
 * Verifies that an additional parameter attached to the resolved authorization request
 * (here {@code idp}) appears in the redirect the filter sends.
 */
@Test
public void doFilterWhenAuthorizationRequestAndAdditionalParametersProvidedThenAuthorizationRequestIncludesAdditionalParameters() throws Exception {
    String authorizationPath = OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
            + "/" + this.registration1.getRegistrationId();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", authorizationPath);
    request.setServletPath(authorizationPath);
    request.addParameter("idp", "https://other.provider.com");
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain filterChain = mock(FilterChain.class);

    // A real resolver produces the baseline request; the mocked resolver given to the filter
    // returns a copy of it with the extra parameter attached.
    OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver =
            new DefaultOAuth2AuthorizationRequestResolver(this.clientRegistrationRepository,
                    OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
    OAuth2AuthorizationRequestResolver resolver = mock(OAuth2AuthorizationRequestResolver.class);

    // The idp value is copied from the incoming request parameter as-is. It is a fixed literal
    // in this test; a resolver doing the same for live traffic would be forwarding a
    // caller-chosen value into the authorization URI and should check it against expected values.
    OAuth2AuthorizationRequest result = OAuth2AuthorizationRequest
            .from(defaultAuthorizationRequestResolver.resolve(request))
            .additionalParameters(Collections.singletonMap("idp", request.getParameter("idp")))
            .build();
    given(resolver.resolve(any())).willReturn(result);

    OAuth2AuthorizationRequestRedirectFilter filter = new OAuth2AuthorizationRequestRedirectFilter(resolver);
    filter.doFilter(request, response, filterChain);

    // The filter answers with a redirect itself, so the rest of the chain is never invoked.
    verifyZeroInteractions(filterChain);
    assertThat(response.getRedirectedUrl()).matches(
            "https://example.com/login/oauth/authorize\\?"
                    + "response_type=code&client_id=client-id&"
                    + "scope=read:user&state=.{15,}&"
                    + "redirect_uri=http://localhost/login/oauth2/code/registration-id&"
                    + "idp=https://other.provider.com");
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 3 with DefaultOAuth2AuthorizationRequestResolver

use of org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver in project spring-security by spring-projects.

the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenAuthorizationRequestAndCustomAuthorizationRequestUriSetThenCustomAuthorizationRequestUriUsed.

// gh-4911, gh-5244
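/**
 * Verifies that when the resolver returns an authorization request whose authorization request
 * URI was set explicitly, the filter redirects to that URI (here the default URI with a
 * {@code login_hint} query parameter appended).
 */
@Test
public void doFilterWhenAuthorizationRequestAndCustomAuthorizationRequestUriSetThenCustomAuthorizationRequestUriUsed() throws Exception {
    String requestUri = OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + this.registration1.getRegistrationId();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    String loginHintParamName = "login_hint";
    request.addParameter(loginHintParamName, "user@provider.com");
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain filterChain = mock(FilterChain.class);
    OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver = new DefaultOAuth2AuthorizationRequestResolver(this.clientRegistrationRepository, OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
    OAuth2AuthorizationRequestResolver resolver = mock(OAuth2AuthorizationRequestResolver.class);

    // Resolve exactly once and derive both the custom URI and the returned request from that
    // single result, so the state embedded in the URI is the state held by the request object.
    // NOTE(review): a second resolve() presumably yields a different state value - confirm.
    OAuth2AuthorizationRequest defaultAuthorizationRequest = defaultAuthorizationRequestResolver.resolve(request);
    Map<String, Object> additionalParameters = new HashMap<>(defaultAuthorizationRequest.getAdditionalParameters());
    additionalParameters.put(loginHintParamName, request.getParameter(loginHintParamName));
    // @formatter:off
    // build(true) declares the URI components to be already encoded. That holds for the fixed
    // literal used here; a value taken from live request parameters would need validating and
    // encoding before being appended this way.
    String customAuthorizationRequestUri = UriComponentsBuilder
            .fromUriString(defaultAuthorizationRequest.getAuthorizationRequestUri())
            .queryParam(loginHintParamName, additionalParameters.get(loginHintParamName))
            .build(true)
            .toUriString();
    // Pass the map that holds login_hint: this request carries no "idp" parameter, so looking
    // that one up would only store a null value.
    OAuth2AuthorizationRequest result = OAuth2AuthorizationRequest
            .from(defaultAuthorizationRequest)
            .additionalParameters(additionalParameters)
            .authorizationRequestUri(customAuthorizationRequestUri)
            .build();
    // @formatter:on
    given(resolver.resolve(any())).willReturn(result);
    OAuth2AuthorizationRequestRedirectFilter filter = new OAuth2AuthorizationRequestRedirectFilter(resolver);
    filter.doFilter(request, response, filterChain);
    // The filter answers with a redirect itself, so the rest of the chain is never invoked.
    verifyZeroInteractions(filterChain);
    assertThat(response.getRedirectedUrl()).matches("https://example.com/login/oauth/authorize\\?" + "response_type=code&client_id=client-id&" + "scope=read:user&state=.{15,}&" + "redirect_uri=http://localhost/login/oauth2/code/registration-id&" + "login_hint=user@provider\\.com");
}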
Also used : HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(jakarta.servlet.FilterChain) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 4 with DefaultOAuth2AuthorizationRequestResolver

use of org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver in project spring-security by spring-projects.

the class DefaultOAuth2AuthorizationRequestResolverTests method setUp.

/**
 * Creates the client registrations exercised by the resolver tests, stores them in an
 * in-memory repository, and builds the resolver under test on top of that repository.
 */
@BeforeEach
public void setUp() {
    this.registration1 = TestClientRegistrations.clientRegistration().build();
    this.registration2 = TestClientRegistrations.clientRegistration2().build();
    this.fineRedirectUriTemplateRegistration = fineRedirectUriTemplateClientRegistration().build();

    // @formatter:off
    // Registration with client authentication method NONE and no client secret.
    this.pkceRegistration = TestClientRegistrations.clientRegistration()
            .registrationId("pkce-client-registration-id")
            .clientId("pkce-client-id")
            .clientAuthenticationMethod(ClientAuthenticationMethod.NONE)
            .clientSecret(null)
            .build();
    // Registration whose scope is set to openid.
    this.oidcRegistration = TestClientRegistrations.clientRegistration()
            .registrationId("oidc-registration-id")
            .scope(OidcScopes.OPENID)
            .build();
    // @formatter:on

    this.clientRegistrationRepository = new InMemoryClientRegistrationRepository(
            this.registration1,
            this.registration2,
            this.fineRedirectUriTemplateRegistration,
            this.pkceRegistration,
            this.oidcRegistration);
    this.resolver = new DefaultOAuth2AuthorizationRequestResolver(
            this.clientRegistrationRepository, this.authorizationRequestBaseUri);
}
Also used : InMemoryClientRegistrationRepository(org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository) BeforeEach(org.junit.jupiter.api.BeforeEach)

Aggregations

FilterChain (jakarta.servlet.FilterChain)2 BeforeEach (org.junit.jupiter.api.BeforeEach)2 Test (org.junit.jupiter.api.Test)2 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)2 InMemoryClientRegistrationRepository (org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository)2 OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)2 HashMap (java.util.HashMap)1 InMemoryOAuth2AuthorizedClientService (org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService)1 OAuth2AccessTokenResponseClient (org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient)1 OAuth2AuthorizationCodeGrantRequest (org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest)1 AuthenticatedPrincipalOAuth2AuthorizedClientRepository (org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository)1 DefaultOAuth2AuthorizationRequestResolver (org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver)1 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)1 RequestCache (org.springframework.security.web.savedrequest.RequestCache)1