Search in sources :

Example 16 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testAnonymousUser.

@Test(expected = InsufficientAuthenticationException.class)
public void testAnonymousUser() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
    SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("foo", "bar", user.getAuthorities()));
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertNotNull(token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken) Test(org.junit.Test)

Example 17 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testSunnyDayWithExpiredTokenAndTokenServices.

@Test
public void testSunnyDayWithExpiredTokenAndTokenServices() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
    chain.setClientTokenServices(clientTokenServices);
    accessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
    when(clientTokenServices.getAccessToken(resource, user)).thenReturn(accessToken);
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    SecurityContextHolder.getContext().setAuthentication(user);
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertNotNull(token);
    Mockito.verify(clientTokenServices).removeAccessToken(resource, user);
    Mockito.verify(clientTokenServices).saveAccessToken(resource, user, token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Date(java.util.Date) Test(org.junit.Test)

Example 18 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testSunnyDayWithTokenServicesSave.

@Test
public void testSunnyDayWithTokenServicesSave() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
    chain.setClientTokenServices(clientTokenServices);
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    SecurityContextHolder.getContext().setAuthentication(user);
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertNotNull(token);
    Mockito.verify(clientTokenServices).saveAccessToken(resource, user, token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Test(org.junit.Test)

Example 19 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testSunnyDayWIthExpiredTokenAndExpiredRefreshToken.

@Test(expected = InvalidTokenException.class)
public void testSunnyDayWIthExpiredTokenAndExpiredRefreshToken() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
    accessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
    DefaultOAuth2RefreshToken refreshToken = new DefaultExpiringOAuth2RefreshToken("EXP", new Date(System.currentTimeMillis() - 1000));
    accessToken.setRefreshToken(refreshToken);
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.setExistingToken(accessToken);
    SecurityContextHolder.getContext().setAuthentication(user);
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertNotNull(token);
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) Date(java.util.Date) Test(org.junit.Test)

Example 20 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testSunnyDayWithTokenServicesGet.

@Test
public void testSunnyDayWithTokenServicesGet() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Collections.<AccessTokenProvider>emptyList());
    when(clientTokenServices.getAccessToken(resource, user)).thenReturn(accessToken);
    chain.setClientTokenServices(clientTokenServices);
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    SecurityContextHolder.getContext().setAuthentication(user);
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertEquals(accessToken, token);
    Mockito.verify(clientTokenServices).saveAccessToken(resource, user, token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Test(org.junit.Test)

Aggregations

OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)216 Test (org.junit.Test)143 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)124 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)78 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)67 Test (org.junit.jupiter.api.Test)46 HashMap (java.util.HashMap)38 Date (java.util.Date)35 Authentication (org.springframework.security.core.Authentication)34 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)33 Instant (java.time.Instant)32 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)26 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)21 DBUnitTest (org.orcid.test.DBUnitTest)19 OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient)19 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)19 OAuth2RefreshToken (org.springframework.security.oauth2.core.OAuth2RefreshToken)19 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)18 DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)18 Map (java.util.Map)17