Example 1 with ServerOAuth2AuthorizedClientRepository

Use of org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository in project spring-security by spring-projects.

The class ServerOAuth2AuthorizedClientExchangeFilterFunctionTests, method filterWhenClientCredentialsClientNotAuthorizedAndOutsideRequestContextThenGetNewToken.

// gh-7544
@Test
public void filterWhenClientCredentialsClientNotAuthorizedAndOutsideRequestContextThenGetNewToken() {
    setupMockHeaders();
    // Use UnAuthenticatedServerOAuth2AuthorizedClientRepository when operating
    // outside of a request context
    ServerOAuth2AuthorizedClientRepository unauthenticatedAuthorizedClientRepository = spy(new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
    this.function = new ServerOAuth2AuthorizedClientExchangeFilterFunction(this.clientRegistrationRepository, unauthenticatedAuthorizedClientRepository);
    this.function.setClientCredentialsTokenResponseClient(this.clientCredentialsTokenResponseClient);
    OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("new-token").tokenType(OAuth2AccessToken.TokenType.BEARER).expiresIn(360).build();
    given(this.clientCredentialsTokenResponseClient.getTokenResponse(any())).willReturn(Mono.just(accessTokenResponse));
    ClientRegistration registration = TestClientRegistrations.clientCredentials().build();
    given(this.clientRegistrationRepository.findByRegistrationId(eq(registration.getRegistrationId()))).willReturn(Mono.just(registration));
    // @formatter:off
    ClientRequest request = ClientRequest.create(HttpMethod.GET, URI.create("https://example.com")).attributes(ServerOAuth2AuthorizedClientExchangeFilterFunction.clientRegistrationId(registration.getRegistrationId())).build();
    // @formatter:on
    this.function.filter(request, this.exchange).block();
    verify(unauthenticatedAuthorizedClientRepository).loadAuthorizedClient(any(), any(), any());
    verify(this.clientCredentialsTokenResponseClient).getTokenResponse(any());
    verify(unauthenticatedAuthorizedClientRepository).saveAuthorizedClient(any(), any(), any());
    List<ClientRequest> requests = this.exchange.getRequests();
    assertThat(requests).hasSize(1);
    ClientRequest request1 = requests.get(0);
    assertThat(request1.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer new-token");
    assertThat(request1.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(request1.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(request1)).isEmpty();
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) UnAuthenticatedServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) UnAuthenticatedServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository) ClientRequest(org.springframework.web.reactive.function.client.ClientRequest) Test(org.junit.jupiter.api.Test)

Example 2 with ServerOAuth2AuthorizedClientRepository

Use of org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository in project spring-security by spring-projects.

The class OAuth2LoginTests, method oauth2AuthorizeWhenCustomObjectsThenUsed.

@Test
public void oauth2AuthorizeWhenCustomObjectsThenUsed() {
    this.spring.register(OAuth2LoginWithSingleClientRegistrations.class, OAuth2AuthorizeWithMockObjectsConfig.class, AuthorizedClientController.class).autowire();
    OAuth2AuthorizeWithMockObjectsConfig config = this.spring.getContext().getBean(OAuth2AuthorizeWithMockObjectsConfig.class);
    ServerOAuth2AuthorizedClientRepository authorizedClientRepository = config.authorizedClientRepository;
    ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = config.authorizationRequestRepository;
    ServerRequestCache requestCache = config.requestCache;
    given(authorizedClientRepository.loadAuthorizedClient(any(), any(), any())).willReturn(Mono.empty());
    given(authorizationRequestRepository.saveAuthorizationRequest(any(), any())).willReturn(Mono.empty());
    given(requestCache.removeMatchingRequest(any())).willReturn(Mono.empty());
    given(requestCache.saveRequest(any())).willReturn(Mono.empty());
    // @formatter:off
    this.client.get().uri("/").exchange().expectStatus().is3xxRedirection();
    // @formatter:on
    verify(authorizedClientRepository).loadAuthorizedClient(any(), any(), any());
    verify(authorizationRequestRepository).saveAuthorizationRequest(any(), any());
    verify(requestCache).saveRequest(any());
}
Also used : ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) ServerRequestCache(org.springframework.security.web.server.savedrequest.ServerRequestCache) Test(org.junit.jupiter.api.Test)

Example 3 with ServerOAuth2AuthorizedClientRepository

Use of org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository in project spring-security by spring-projects.

The class OAuth2ClientSpecTests, method registeredOAuth2AuthorizedClientWhenAuthenticatedThenRedirects.

@Test
@WithMockUser
public void registeredOAuth2AuthorizedClientWhenAuthenticatedThenRedirects() {
    this.spring.register(Config.class, AuthorizedClientController.class).autowire();
    ReactiveClientRegistrationRepository repository = this.spring.getContext().getBean(ReactiveClientRegistrationRepository.class);
    ServerOAuth2AuthorizedClientRepository authorizedClientRepository = this.spring.getContext().getBean(ServerOAuth2AuthorizedClientRepository.class);
    given(repository.findByRegistrationId(any())).willReturn(Mono.just(TestClientRegistrations.clientRegistration().build()));
    given(authorizedClientRepository.loadAuthorizedClient(any(), any(), any())).willReturn(Mono.empty());
    // @formatter:off
    this.client.get().uri("/").exchange().expectStatus().is3xxRedirection();
    // @formatter:on
}
Also used : ReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository) InMemoryReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository) ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) WithMockUser(org.springframework.security.test.context.support.WithMockUser) Test(org.junit.jupiter.api.Test)

Example 4 with ServerOAuth2AuthorizedClientRepository

Use of org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository in project spring-security by spring-projects.

The class OAuth2ClientSpecTests, method registeredOAuth2AuthorizedClientWhenAnonymousThenRedirects.

@Test
public void registeredOAuth2AuthorizedClientWhenAnonymousThenRedirects() {
    this.spring.register(Config.class, AuthorizedClientController.class).autowire();
    ReactiveClientRegistrationRepository repository = this.spring.getContext().getBean(ReactiveClientRegistrationRepository.class);
    ServerOAuth2AuthorizedClientRepository authorizedClientRepository = this.spring.getContext().getBean(ServerOAuth2AuthorizedClientRepository.class);
    given(repository.findByRegistrationId(any())).willReturn(Mono.just(TestClientRegistrations.clientRegistration().build()));
    given(authorizedClientRepository.loadAuthorizedClient(any(), any(), any())).willReturn(Mono.empty());
    // @formatter:off
    this.client.get().uri("/").exchange().expectStatus().is3xxRedirection();
    // @formatter:on
}
Also used : ReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository) InMemoryReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository) ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) Test(org.junit.jupiter.api.Test)

Example 5 with ServerOAuth2AuthorizedClientRepository

Use of org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository in project spring-security by spring-projects.

The class ServerOAuth2AuthorizedClientExchangeFilterFunctionITests, method setUp.

@BeforeEach
public void setUp() throws Exception {
    this.clientRegistrationRepository = mock(ReactiveClientRegistrationRepository.class);
    final ServerOAuth2AuthorizedClientRepository delegate = new AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(new InMemoryReactiveOAuth2AuthorizedClientService(this.clientRegistrationRepository));
    this.authorizedClientRepository = spy(new ServerOAuth2AuthorizedClientRepository() {

        @Override
        public <T extends OAuth2AuthorizedClient> Mono<T> loadAuthorizedClient(String clientRegistrationId, Authentication principal, ServerWebExchange exchange) {
            return delegate.loadAuthorizedClient(clientRegistrationId, principal, exchange);
        }

        @Override
        public Mono<Void> saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal, ServerWebExchange exchange) {
            return delegate.saveAuthorizedClient(authorizedClient, principal, exchange);
        }

        @Override
        public Mono<Void> removeAuthorizedClient(String clientRegistrationId, Authentication principal, ServerWebExchange exchange) {
            return delegate.removeAuthorizedClient(clientRegistrationId, principal, exchange);
        }
    });
    this.authorizedClientFilter = new ServerOAuth2AuthorizedClientExchangeFilterFunction(this.clientRegistrationRepository, this.authorizedClientRepository);
    this.server = new MockWebServer();
    this.server.start();
    this.serverUrl = this.server.url("/").toString();
    // @formatter:off
    this.webClient = WebClient.builder().filter(this.authorizedClientFilter).build();
    // @formatter:on
    this.authentication = new TestingAuthenticationToken("principal", "password");
    this.exchange = MockServerWebExchange.builder(MockServerHttpRequest.get("/").build()).build();
}
Also used : ServerWebExchange(org.springframework.web.server.ServerWebExchange) MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange) AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository) ServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository) ReactiveClientRegistrationRepository(org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository) InMemoryReactiveOAuth2AuthorizedClientService(org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService) Authentication(org.springframework.security.core.Authentication) MockWebServer(okhttp3.mockwebserver.MockWebServer) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) BeforeEach(org.junit.jupiter.api.BeforeEach)

Aggregations

ServerOAuth2AuthorizedClientRepository (org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository): 5
Test (org.junit.jupiter.api.Test): 4
ReactiveClientRegistrationRepository (org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository): 3
InMemoryReactiveClientRegistrationRepository (org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository): 2
UnAuthenticatedServerOAuth2AuthorizedClientRepository (org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository): 2
MockWebServer (okhttp3.mockwebserver.MockWebServer): 1
BeforeEach (org.junit.jupiter.api.BeforeEach): 1
MockServerWebExchange (org.springframework.mock.web.server.MockServerWebExchange): 1
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken): 1
Authentication (org.springframework.security.core.Authentication): 1
InMemoryReactiveOAuth2AuthorizedClientService (org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService): 1
OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient): 1
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration): 1
DefaultReactiveOAuth2AuthorizedClientManager (org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager): 1
AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository (org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository): 1
OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse): 1
OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest): 1
WithMockUser (org.springframework.security.test.context.support.WithMockUser): 1
ServerRequestCache (org.springframework.security.web.server.savedrequest.ServerRequestCache): 1
ClientRequest (org.springframework.web.reactive.function.client.ClientRequest): 1