Examples with ServerAuthorizationRequestRepository org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository used on opensource projects

Search in sources :

Example 1 with ServerAuthorizationRequestRepository

use of org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository in project spring-security by spring-projects.

the class OAuth2LoginTests method oauth2AuthorizeWhenCustomObjectsThenUsed.

@Test
public void oauth2AuthorizeWhenCustomObjectsThenUsed() {
    this.spring.register(OAuth2LoginWithSingleClientRegistrations.class, OAuth2AuthorizeWithMockObjectsConfig.class, AuthorizedClientController.class).autowire();
    OAuth2AuthorizeWithMockObjectsConfig config = this.spring.getContext().getBean(OAuth2AuthorizeWithMockObjectsConfig.class);
    ServerOAuth2AuthorizedClientRepository authorizedClientRepository = config.authorizedClientRepository;
    ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = config.authorizationRequestRepository;
    ServerRequestCache requestCache = config.requestCache;
    given(authorizedClientRepository.loadAuthorizedClient(any(), any(), any())).willReturn(Mono.empty());
    given(authorizationRequestRepository.saveAuthorizationRequest(any(), any())).willReturn(Mono.empty());
    given(requestCache.removeMatchingRequest(any())).willReturn(Mono.empty());
    given(requestCache.saveRequest(any())).willReturn(Mono.empty());
    // @formatter:off
    this.client.get().uri("/").exchange().expectStatus().is3xxRedirection();
    // @formatter:on
    verify(authorizedClientRepository).loadAuthorizedClient(any(), any(), any());
    verify(authorizationRequestRepository).saveAuthorizationRequest(any(), any());
    verify(requestCache).saveRequest(any());
}
Also used : ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) ServerRequestCache(org.springframework.security.web.server.savedrequest.ServerRequestCache) Test(org.junit.jupiter.api.Test)

Example 2 with ServerAuthorizationRequestRepository

use of org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository in project spring-security by spring-projects.

the class OAuth2ClientSpecTests method oauth2ClientWhenCustomObjectsThenUsed.

@Test
public void oauth2ClientWhenCustomObjectsThenUsed() {
    this.spring.register(ClientRegistrationConfig.class, OAuth2ClientCustomConfig.class, AuthorizedClientController.class).autowire();
    OAuth2ClientCustomConfig config = this.spring.getContext().getBean(OAuth2ClientCustomConfig.class);
    ServerAuthenticationConverter converter = config.authenticationConverter;
    ReactiveAuthenticationManager manager = config.manager;
    ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = config.authorizationRequestRepository;
    ServerRequestCache requestCache = config.requestCache;
    OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().redirectUri("/authorize/oauth2/code/registration-id").build();
    OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.success().redirectUri("/authorize/oauth2/code/registration-id").build();
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
    OAuth2AccessToken accessToken = TestOAuth2AccessTokens.noScopes();
    OAuth2AuthorizationCodeAuthenticationToken result = new OAuth2AuthorizationCodeAuthenticationToken(this.registration, authorizationExchange, accessToken);
    given(authorizationRequestRepository.loadAuthorizationRequest(any())).willReturn(Mono.just(authorizationRequest));
    given(converter.convert(any())).willReturn(Mono.just(new TestingAuthenticationToken("a", "b", "c")));
    given(manager.authenticate(any())).willReturn(Mono.just(result));
    given(requestCache.getRedirectUri(any())).willReturn(Mono.just(URI.create("/saved-request")));
    // @formatter:off
    this.client.get().uri((uriBuilder) -> uriBuilder.path("/authorize/oauth2/code/registration-id").queryParam(OAuth2ParameterNames.CODE, "code").queryParam(OAuth2ParameterNames.STATE, "state").build()).exchange().expectStatus().is3xxRedirection();
    // @formatter:on
    verify(converter).convert(any());
    verify(manager).authenticate(any());
    verify(requestCache).getRedirectUri(any());
}
Also used : ServerAuthorizationRequestRepository(org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) TestOAuth2AccessTokens(org.springframework.security.oauth2.core.TestOAuth2AccessTokens) RegisteredOAuth2AuthorizedClient(org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) TestOAuth2AuthorizationRequests(org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationRequests) Autowired(org.springframework.beans.factory.annotation.Autowired) ServerAuthenticationConverter(org.springframework.security.web.server.authentication.ServerAuthenticationConverter) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) OAuth2AuthorizationCodeAuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) EnableWebFlux(org.springframework.web.reactive.config.EnableWebFlux) EnableWebFluxSecurity(org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity) BDDMockito.given(org.mockito.BDDMockito.given) ReactiveAuthenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager) GetMapping(org.springframework.web.bind.annotation.GetMapping) URI(java.net.URI) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) TestClientRegistrations(org.springframework.security.oauth2.client.registration.TestClientRegistrations) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) ReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository) SpringExtension(org.springframework.test.context.junit.jupiter.SpringExtension) ServerRequestCache(org.springframework.security.web.server.savedrequest.ServerRequestCache) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) SecurityTestExecutionListeners(org.springframework.security.test.context.annotation.SecurityTestExecutionListeners) Mono(reactor.core.publisher.Mono) ApplicationContext(org.springframework.context.ApplicationContext) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) RestController(org.springframework.web.bind.annotation.RestController) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) Configuration(org.springframework.context.annotation.Configuration) InMemoryReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository) SecurityWebFilterChain(org.springframework.security.web.server.SecurityWebFilterChain) WithMockUser(org.springframework.security.test.context.support.WithMockUser) SpringTestContext(org.springframework.security.config.test.SpringTestContext) TestOAuth2AuthorizationResponses(org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationResponses) SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension) Bean(org.springframework.context.annotation.Bean) ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) Mockito.mock(org.mockito.Mockito.mock) ReactiveAuthenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager) OAuth2AuthorizationCodeAuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken) ServerAuthenticationConverter(org.springframework.security.web.server.authentication.ServerAuthenticationConverter) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) ServerRequestCache(org.springframework.security.web.server.savedrequest.ServerRequestCache) Test(org.junit.jupiter.api.Test)

Example 3 with ServerAuthorizationRequestRepository

use of org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository in project spring-security by spring-projects.

the class OAuth2ClientSpecTests method oauth2ClientWhenCustomObjectsInLambdaThenUsed.

@Test
public void oauth2ClientWhenCustomObjectsInLambdaThenUsed() {
    this.spring.register(ClientRegistrationConfig.class, OAuth2ClientInLambdaCustomConfig.class, AuthorizedClientController.class).autowire();
    OAuth2ClientInLambdaCustomConfig config = this.spring.getContext().getBean(OAuth2ClientInLambdaCustomConfig.class);
    ServerAuthenticationConverter converter = config.authenticationConverter;
    ReactiveAuthenticationManager manager = config.manager;
    ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = config.authorizationRequestRepository;
    ServerRequestCache requestCache = config.requestCache;
    OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().redirectUri("/authorize/oauth2/code/registration-id").build();
    OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.success().redirectUri("/authorize/oauth2/code/registration-id").build();
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
    OAuth2AccessToken accessToken = TestOAuth2AccessTokens.noScopes();
    OAuth2AuthorizationCodeAuthenticationToken result = new OAuth2AuthorizationCodeAuthenticationToken(this.registration, authorizationExchange, accessToken);
    given(authorizationRequestRepository.loadAuthorizationRequest(any())).willReturn(Mono.just(authorizationRequest));
    given(converter.convert(any())).willReturn(Mono.just(new TestingAuthenticationToken("a", "b", "c")));
    given(manager.authenticate(any())).willReturn(Mono.just(result));
    given(requestCache.getRedirectUri(any())).willReturn(Mono.just(URI.create("/saved-request")));
    // @formatter:off
    this.client.get().uri((uriBuilder) -> uriBuilder.path("/authorize/oauth2/code/registration-id").queryParam(OAuth2ParameterNames.CODE, "code").queryParam(OAuth2ParameterNames.STATE, "state").build()).exchange().expectStatus().is3xxRedirection();
    // @formatter:on
    verify(converter).convert(any());
    verify(manager).authenticate(any());
    verify(requestCache).getRedirectUri(any());
}
Also used : ServerAuthorizationRequestRepository(org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) TestOAuth2AccessTokens(org.springframework.security.oauth2.core.TestOAuth2AccessTokens) RegisteredOAuth2AuthorizedClient(org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) TestOAuth2AuthorizationRequests(org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationRequests) Autowired(org.springframework.beans.factory.annotation.Autowired) ServerAuthenticationConverter(org.springframework.security.web.server.authentication.ServerAuthenticationConverter) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) OAuth2AuthorizationCodeAuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) EnableWebFlux(org.springframework.web.reactive.config.EnableWebFlux) EnableWebFluxSecurity(org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity) BDDMockito.given(org.mockito.BDDMockito.given) ReactiveAuthenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager) GetMapping(org.springframework.web.bind.annotation.GetMapping) URI(java.net.URI) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) TestClientRegistrations(org.springframework.security.oauth2.client.registration.TestClientRegistrations) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) ReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository) SpringExtension(org.springframework.test.context.junit.jupiter.SpringExtension) ServerRequestCache(org.springframework.security.web.server.savedrequest.ServerRequestCache) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) SecurityTestExecutionListeners(org.springframework.security.test.context.annotation.SecurityTestExecutionListeners) Mono(reactor.core.publisher.Mono) ApplicationContext(org.springframework.context.ApplicationContext) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) RestController(org.springframework.web.bind.annotation.RestController) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) Configuration(org.springframework.context.annotation.Configuration) InMemoryReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository) SecurityWebFilterChain(org.springframework.security.web.server.SecurityWebFilterChain) WithMockUser(org.springframework.security.test.context.support.WithMockUser) SpringTestContext(org.springframework.security.config.test.SpringTestContext) TestOAuth2AuthorizationResponses(org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationResponses) SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension) Bean(org.springframework.context.annotation.Bean) ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) Mockito.mock(org.mockito.Mockito.mock) ReactiveAuthenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager) OAuth2AuthorizationCodeAuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken) ServerAuthenticationConverter(org.springframework.security.web.server.authentication.ServerAuthenticationConverter) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) ServerRequestCache(org.springframework.security.web.server.savedrequest.ServerRequestCache) Test(org.junit.jupiter.api.Test)

Example 4 with ServerAuthorizationRequestRepository

use of org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository in project spring-security by spring-projects.

the class ServerHttpSecurityTests method shouldConfigureAuthorizationRequestRepositoryForOAuth2Login.

@Test
public void shouldConfigureAuthorizationRequestRepositoryForOAuth2Login() {
    ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = mock(ServerAuthorizationRequestRepository.class);
    ReactiveClientRegistrationRepository clientRegistrationRepository = mock(ReactiveClientRegistrationRepository.class);
    OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().build();
    given(authorizationRequestRepository.removeAuthorizationRequest(any())).willReturn(Mono.just(authorizationRequest));
    SecurityWebFilterChain securityFilterChain = this.http.oauth2Login().clientRegistrationRepository(clientRegistrationRepository).authorizationRequestRepository(authorizationRequestRepository).and().build();
    WebTestClient client = WebTestClientBuilder.bindToWebFilters(securityFilterChain).build();
    client.get().uri("/login/oauth2/code/registration-id").exchange();
    verify(authorizationRequestRepository).removeAuthorizationRequest(any());
}
Also used : ReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) SecurityWebFilterChain(org.springframework.security.web.server.SecurityWebFilterChain) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)4 OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)4 ReactiveClientRegistrationRepository (org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository)3 ServerOAuth2AuthorizedClientRepository (org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository)3 SecurityWebFilterChain (org.springframework.security.web.server.SecurityWebFilterChain)3 ServerRequestCache (org.springframework.security.web.server.savedrequest.ServerRequestCache)3 WebTestClient (org.springframework.test.web.reactive.server.WebTestClient)3 URI (java.net.URI)2 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)2 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)2 BDDMockito.given (org.mockito.BDDMockito.given)2 Mockito.mock (org.mockito.Mockito.mock)2 Mockito.verify (org.mockito.Mockito.verify)2 Autowired (org.springframework.beans.factory.annotation.Autowired)2 ApplicationContext (org.springframework.context.ApplicationContext)2 Bean (org.springframework.context.annotation.Bean)2 Configuration (org.springframework.context.annotation.Configuration)2 ReactiveAuthenticationManager (org.springframework.security.authentication.ReactiveAuthenticationManager)2 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)2 EnableWebFluxSecurity (org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial