Example 6 with OAuth2AuthorizationRequestResolver
use of org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver in project spring-security by spring-projects.
the class OAuth2AuthorizationRequestRedirectFilterTests method doFilterWhenAuthorizationRequestAndCustomAuthorizationRequestUriSetThenCustomAuthorizationRequestUriUsed.
// gh-4911, gh-5244
@Test
public void doFilterWhenAuthorizationRequestAndCustomAuthorizationRequestUriSetThenCustomAuthorizationRequestUriUsed() throws Exception {
String requestUri = OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + this.registration1.getRegistrationId();
MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
request.setServletPath(requestUri);
String loginHintParamName = "login_hint";
request.addParameter(loginHintParamName, "user@provider.com");
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain filterChain = mock(FilterChain.class);
OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver = new DefaultOAuth2AuthorizationRequestResolver(this.clientRegistrationRepository, OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
OAuth2AuthorizationRequestResolver resolver = mock(OAuth2AuthorizationRequestResolver.class);
OAuth2AuthorizationRequest defaultAuthorizationRequest = defaultAuthorizationRequestResolver.resolve(request);
Map<String, Object> additionalParameters = new HashMap<>(defaultAuthorizationRequest.getAdditionalParameters());
additionalParameters.put(loginHintParamName, request.getParameter(loginHintParamName));
// @formatter:off
String customAuthorizationRequestUri = UriComponentsBuilder.fromUriString(defaultAuthorizationRequest.getAuthorizationRequestUri()).queryParam(loginHintParamName, additionalParameters.get(loginHintParamName)).build(true).toUriString();
OAuth2AuthorizationRequest result = OAuth2AuthorizationRequest.from(defaultAuthorizationRequestResolver.resolve(request)).additionalParameters(Collections.singletonMap("idp", request.getParameter("idp"))).authorizationRequestUri(customAuthorizationRequestUri).build();
// @formatter:on
given(resolver.resolve(any())).willReturn(result);
OAuth2AuthorizationRequestRedirectFilter filter = new OAuth2AuthorizationRequestRedirectFilter(resolver);
filter.doFilter(request, response, filterChain);
verifyZeroInteractions(filterChain);
assertThat(response.getRedirectedUrl()).matches("https://example.com/login/oauth/authorize\\?" + "response_type=code&client_id=client-id&" + "scope=read:user&state=.{15,}&" + "redirect_uri=http://localhost/login/oauth2/code/registration-id&" + "login_hint=user@provider\\.com");
}
Also used :
HashMap(java.util.HashMap)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(jakarta.servlet.FilterChain)
OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.jupiter.api.Test)
Aggregations
Test (org.junit.jupiter.api.Test)6
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)5
OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)4
FilterChain (jakarta.servlet.FilterChain)3
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3
OAuth2AuthorizationRequestResolver (org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver)3
ServletRequest (jakarta.servlet.ServletRequest)1
ServletResponse (jakarta.servlet.ServletResponse)1
HttpServletRequest (jakarta.servlet.http.HttpServletRequest)1
HttpServletResponse (jakarta.servlet.http.HttpServletResponse)1
HashMap (java.util.HashMap)1
ClientAuthorizationRequiredException (org.springframework.security.oauth2.client.ClientAuthorizationRequiredException)1
DefaultOAuth2AuthorizationRequestResolver (org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver)1
