Example 1 with OAuth2AuthenticatedPrincipal

Use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

The class SpringReactiveOpaqueTokenIntrospectorTests, method authenticateWhenActiveTokenThenParsesValuesInResponse.

@Test
public void authenticateWhenActiveTokenThenParsesValuesInResponse() {
    Map<String, Object> introspectedValues = new HashMap<>();
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.ACTIVE, true);
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.AUD, Arrays.asList("aud"));
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.NBF, 29348723984L);
    WebClient webClient = mockResponse(introspectedValues);
    SpringReactiveOpaqueTokenIntrospector introspectionClient = new SpringReactiveOpaqueTokenIntrospector(INTROSPECTION_URL, webClient);
    OAuth2AuthenticatedPrincipal authority = introspectionClient.introspect("token").block();
    assertThat(authority).isNotNull();
    // @formatter:off
    assertThat(authority.getAttributes())
            .isNotNull()
            .containsEntry(OAuth2TokenIntrospectionClaimNames.ACTIVE, true)
            .containsEntry(OAuth2TokenIntrospectionClaimNames.AUD, Arrays.asList("aud"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.NBF, Instant.ofEpochSecond(29348723984L))
            .doesNotContainKey(OAuth2TokenIntrospectionClaimNames.CLIENT_ID)
            .doesNotContainKey(OAuth2TokenIntrospectionClaimNames.SCOPE);
    // @formatter:on
}
Also used : HashMap(java.util.HashMap) OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) WebClient(org.springframework.web.reactive.function.client.WebClient) Test(org.junit.jupiter.api.Test)

Example 2 with OAuth2AuthenticatedPrincipal

Use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

The class OpaqueTokenReactiveAuthenticationManagerTests, method authenticateWhenActiveTokenThenOk.

@Test
public void authenticateWhenActiveTokenThenOk() throws Exception {
    OAuth2AuthenticatedPrincipal authority = TestOAuth2AuthenticatedPrincipals.active((attributes) -> attributes.put("extension_field", "twenty-seven"));
    ReactiveOpaqueTokenIntrospector introspector = mock(ReactiveOpaqueTokenIntrospector.class);
    given(introspector.introspect(any())).willReturn(Mono.just(authority));
    OpaqueTokenReactiveAuthenticationManager provider = new OpaqueTokenReactiveAuthenticationManager(introspector);
    Authentication result = provider.authenticate(new BearerTokenAuthenticationToken("token")).block();
    assertThat(result.getPrincipal()).isInstanceOf(OAuth2IntrospectionAuthenticatedPrincipal.class);
    Map<String, Object> attributes = ((OAuth2AuthenticatedPrincipal) result.getPrincipal()).getAttributes();
    // @formatter:off
    assertThat(attributes)
            .isNotNull()
            .containsEntry(OAuth2TokenIntrospectionClaimNames.ACTIVE, true)
            .containsEntry(OAuth2TokenIntrospectionClaimNames.AUD, Arrays.asList("https://protected.example.net/resource"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.CLIENT_ID, "l238j323ds-23ij4")
            .containsEntry(OAuth2TokenIntrospectionClaimNames.EXP, Instant.ofEpochSecond(1419356238))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.ISS, new URL("https://server.example.com/"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.NBF, Instant.ofEpochSecond(29348723984L))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.SCOPE, Arrays.asList("read", "write", "dolphin"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.SUB, "Z5O3upPC88QrAjx00dis")
            .containsEntry(OAuth2TokenIntrospectionClaimNames.USERNAME, "jdoe")
            .containsEntry("extension_field", "twenty-seven");
    assertThat(result.getAuthorities()).extracting("authority").containsExactly("SCOPE_read", "SCOPE_write", "SCOPE_dolphin");
    // @formatter:on
}
Also used : OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) Authentication(org.springframework.security.core.Authentication) ReactiveOpaqueTokenIntrospector(org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenIntrospector) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) URL(java.net.URL) Test(org.junit.jupiter.api.Test)

Example 3 with OAuth2AuthenticatedPrincipal

Use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

The class NimbusReactiveOpaqueTokenIntrospectorTests, method authenticateWhenActiveTokenThenParsesValuesInResponse.

@Test
public void authenticateWhenActiveTokenThenParsesValuesInResponse() {
    Map<String, Object> introspectedValues = new HashMap<>();
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.ACTIVE, true);
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.AUD, Arrays.asList("aud"));
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.NBF, 29348723984L);
    WebClient webClient = mockResponse(new JSONObject(introspectedValues).toJSONString());
    NimbusReactiveOpaqueTokenIntrospector introspectionClient = new NimbusReactiveOpaqueTokenIntrospector(INTROSPECTION_URL, webClient);
    OAuth2AuthenticatedPrincipal authority = introspectionClient.introspect("token").block();
    // @formatter:off
    assertThat(authority.getAttributes())
            .isNotNull()
            .containsEntry(OAuth2TokenIntrospectionClaimNames.ACTIVE, true)
            .containsEntry(OAuth2TokenIntrospectionClaimNames.AUD, Arrays.asList("aud"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.NBF, Instant.ofEpochSecond(29348723984L))
            .doesNotContainKey(OAuth2TokenIntrospectionClaimNames.CLIENT_ID)
            .doesNotContainKey(OAuth2TokenIntrospectionClaimNames.SCOPE);
    // @formatter:on
}
Also used : JSONObject(net.minidev.json.JSONObject) HashMap(java.util.HashMap) OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) WebClient(org.springframework.web.reactive.function.client.WebClient) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 4 with OAuth2AuthenticatedPrincipal

Use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

The class OAuth2IntrospectionAuthenticatedPrincipalTests, method getAttributeWhenGivenKeyThenReturnsValue.

@Test
public void getAttributeWhenGivenKeyThenReturnsValue() {
    OAuth2AuthenticatedPrincipal principal = new OAuth2IntrospectionAuthenticatedPrincipal(CLAIMS, AUTHORITIES);
    assertHasEqualAttribute(principal, ACTIVE_CLAIM, ACTIVE_VALUE);
    assertHasEqualAttribute(principal, CLIENT_ID_CLAIM, CLIENT_ID_VALUE);
    assertHasEqualAttribute(principal, USERNAME_CLAIM, USERNAME_VALUE);
    assertHasEqualAttribute(principal, TOKEN_TYPE_CLAIM, TOKEN_TYPE_VALUE);
    assertHasEqualAttribute(principal, EXP_CLAIM, EXP_VALUE);
    assertHasEqualAttribute(principal, IAT_CLAIM, IAT_VALUE);
    assertHasEqualAttribute(principal, NBF_CLAIM, NBF_VALUE);
    assertHasEqualAttribute(principal, SUB_CLAIM, SUB_VALUE);
    assertHasEqualAttribute(principal, AUD_CLAIM, AUD_VALUE);
    assertHasEqualAttribute(principal, ISS_CLAIM, ISS_VALUE);
    assertHasEqualAttribute(principal, JTI_CLAIM, JTI_VALUE);
}
Also used : OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) Test(org.junit.jupiter.api.Test)

Example 5 with OAuth2AuthenticatedPrincipal

Use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

The class BearerTokenAuthenticationTests, method constructorWhenPassingAllAttributesThenTokenIsAuthenticated.

@Test
public void constructorWhenPassingAllAttributesThenTokenIsAuthenticated() {
    OAuth2AuthenticatedPrincipal principal = new DefaultOAuth2AuthenticatedPrincipal("harris", Collections.singletonMap("claim", "value"), null);
    BearerTokenAuthentication authenticated = new BearerTokenAuthentication(principal, this.token, null);
    assertThat(authenticated.isAuthenticated()).isTrue();
}
Also used : OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) DefaultOAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal) Test(org.junit.jupiter.api.Test)

Aggregations

OAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal): 29
Test (org.junit.jupiter.api.Test): 26
DefaultOAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal): 7
HashMap (java.util.HashMap): 5
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest): 5
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 5
BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken): 5
JSONObject (net.minidev.json.JSONObject): 4
MockWebServer (okhttp3.mockwebserver.MockWebServer): 4
RequestEntity (org.springframework.http.RequestEntity): 4
Authentication (org.springframework.security.core.Authentication): 4
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 4
RestOperations (org.springframework.web.client.RestOperations): 4
URL (java.net.URL): 3
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken): 3
OAuth2IntrospectionAuthenticatedPrincipal (org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal): 3
OpaqueTokenIntrospector (org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector): 3
Collection (java.util.Collection): 2
List (java.util.List): 2
ExtendWith (org.junit.jupiter.api.extension.ExtendWith): 2