Example 6 with OAuth2AuthenticatedPrincipal

use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

the class SecurityMockServerConfigurerOpaqueTokenTests method mockOpaqueTokenWhenPrincipalSpecifiedThenLastCalledTakesPrecedence.

@Test
public void mockOpaqueTokenWhenPrincipalSpecifiedThenLastCalledTakesPrecedence() {
    OAuth2AuthenticatedPrincipal principal = TestOAuth2AuthenticatedPrincipals.active((a) -> a.put("scope", "user"));
    // attributes(...) is called first and principal(...) last, so the principal's "sub" wins
    this.client.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()
                .attributes((a) -> a.put(OAuth2TokenIntrospectionClaimNames.SUB, "foo"))
                .principal(principal))
            .get()
            .exchange()
            .expectStatus().isOk();
    SecurityContext context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
    BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
    assertThat((String) ((OAuth2AuthenticatedPrincipal) token.getPrincipal()).getAttribute(OAuth2TokenIntrospectionClaimNames.SUB))
            .isEqualTo(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.SUB));
    // principal(...) is called first and attributes(...) last, so the explicit "sub" attribute wins
    this.client.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()
                .principal(principal)
                .attributes((a) -> a.put(OAuth2TokenIntrospectionClaimNames.SUB, "bar")))
            .get()
            .exchange()
            .expectStatus().isOk();
    context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
    token = (BearerTokenAuthentication) context.getAuthentication();
    assertThat((String) ((OAuth2AuthenticatedPrincipal) token.getPrincipal()).getAttribute(OAuth2TokenIntrospectionClaimNames.SUB))
            .isEqualTo("bar");
}
Also used : MockitoExtension(org.mockito.junit.jupiter.MockitoExtension) BearerTokenAuthentication(org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) HttpHeaders(org.springframework.http.HttpHeaders) CurrentSecurityContextArgumentResolver(org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver) MediaType(org.springframework.http.MediaType) OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) TestOAuth2AuthenticatedPrincipals(org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OAuth2TokenIntrospectionClaimNames(org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames) Test(org.junit.jupiter.api.Test) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) List(java.util.List) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SecurityContext(org.springframework.security.core.context.SecurityContext) SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) ReactiveAdapterRegistry(org.springframework.core.ReactiveAdapterRegistry)

Example 7 with OAuth2AuthenticatedPrincipal

use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

the class OpaqueTokenAuthenticationProvider method authenticate.

/**
 * Introspect and validate the opaque
 * <a href="https://tools.ietf.org/html/rfc6750#section-1.2" target="_blank">Bearer
 * Token</a>.
 * @param authentication the authentication request object.
 * @return A successful authentication
 * @throws AuthenticationException if authentication failed for some reason
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    if (!(authentication instanceof BearerTokenAuthenticationToken)) {
        return null;
    }
    BearerTokenAuthenticationToken bearer = (BearerTokenAuthenticationToken) authentication;
    OAuth2AuthenticatedPrincipal principal = getOAuth2AuthenticatedPrincipal(bearer);
    AbstractAuthenticationToken result = convert(principal, bearer.getToken());
    result.setDetails(bearer.getDetails());
    this.logger.debug("Authenticated token");
    return result;
}
Also used : AbstractAuthenticationToken(org.springframework.security.authentication.AbstractAuthenticationToken) OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken)

Example 8 with OAuth2AuthenticatedPrincipal

use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

the class SpringOpaqueTokenIntrospectorTests method introspectWhenActiveTokenThenParsesValuesInResponse.

@Test
public void introspectWhenActiveTokenThenParsesValuesInResponse() {
    Map<String, Object> introspectedValues = new HashMap<>();
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.ACTIVE, true);
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.AUD, Arrays.asList("aud"));
    introspectedValues.put(OAuth2TokenIntrospectionClaimNames.NBF, 29348723984L);
    RestOperations restOperations = mock(RestOperations.class);
    OpaqueTokenIntrospector introspectionClient = new SpringOpaqueTokenIntrospector(INTROSPECTION_URL, restOperations);
    given(restOperations.exchange(any(RequestEntity.class), eq(STRING_OBJECT_MAP))).willReturn(response(introspectedValues));
    OAuth2AuthenticatedPrincipal authority = introspectionClient.introspect("token");
    // @formatter:off
    // numeric time claims (nbf here) are converted to Instant; absent claims are not invented
    assertThat(authority.getAttributes()).isNotNull()
            .containsEntry(OAuth2TokenIntrospectionClaimNames.ACTIVE, true)
            .containsEntry(OAuth2TokenIntrospectionClaimNames.AUD, Arrays.asList("aud"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.NBF, Instant.ofEpochSecond(29348723984L))
            .doesNotContainKey(OAuth2TokenIntrospectionClaimNames.CLIENT_ID)
            .doesNotContainKey(OAuth2TokenIntrospectionClaimNames.SCOPE);
    // @formatter:on
}
Also used : HashMap(java.util.HashMap) OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) RestOperations(org.springframework.web.client.RestOperations) RequestEntity(org.springframework.http.RequestEntity) Test(org.junit.jupiter.api.Test)

Example 9 with OAuth2AuthenticatedPrincipal

use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

the class SpringOpaqueTokenIntrospectorTests method introspectWhenIntrospectionTokenReturnsMalformedScopeThenEmptyAuthorities.

// gh-7563
@Test
public void introspectWhenIntrospectionTokenReturnsMalformedScopeThenEmptyAuthorities() {
    RestOperations restOperations = mock(RestOperations.class);
    OpaqueTokenIntrospector introspectionClient = new SpringOpaqueTokenIntrospector(INTROSPECTION_URL, restOperations);
    given(restOperations.exchange(any(RequestEntity.class), eq(STRING_OBJECT_MAP))).willReturn(MALFORMED_SCOPE);
    OAuth2AuthenticatedPrincipal principal = introspectionClient.introspect("token");
    assertThat(principal.getAuthorities()).isEmpty();
    Collection<String> scope = principal.getAttribute("scope");
    assertThat(scope).containsExactly("read", "write", "dolphin");
}
Also used : OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) RestOperations(org.springframework.web.client.RestOperations) RequestEntity(org.springframework.http.RequestEntity) Test(org.junit.jupiter.api.Test)
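The provider in Example 7 and the gh-7563 test in Example 9 together describe a fail-closed behaviour worth seeing end to end: when the introspection response carries "scope" as a JSON array instead of the RFC 7662 space-delimited string, the principal keeps the raw attribute but gets no SCOPE_ authorities, so any hasAuthority("SCOPE_read") check fails. The following is an added example, not code from spring-security: a hypothetical decorator (the class name ArrayScopeOpaqueTokenIntrospector is my own) that derives authorities from an array-valued scope and is run through OpaqueTokenAuthenticationProvider with a constructed introspection response. It assumes Spring Security (5.2 or later) on the classpath and stands in a file named ArrayScopeOpaqueTokenIntrospector.java; the stub introspector replaces the network call so the example runs offline.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames;
import org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken;
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
import org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider;
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;

/**
 * Hypothetical decorator (not part of Spring Security): when the introspection
 * endpoint returns "scope" as a JSON array rather than the RFC 7662 space-delimited
 * string, SpringOpaqueTokenIntrospector keeps the raw attribute but derives no
 * SCOPE_ authorities (gh-7563). This decorator derives them from the array.
 */
public class ArrayScopeOpaqueTokenIntrospector implements OpaqueTokenIntrospector {

    private static final String AUTHORITY_PREFIX = "SCOPE_";

    private final OpaqueTokenIntrospector delegate;

    public ArrayScopeOpaqueTokenIntrospector(OpaqueTokenIntrospector delegate) {
        this.delegate = delegate;
    }

    @Override
    public OAuth2AuthenticatedPrincipal introspect(String token) {
        // The delegate does the introspection call and rejects inactive tokens
        // (BadOpaqueTokenException), so only active principals reach this point.
        OAuth2AuthenticatedPrincipal principal = this.delegate.introspect(token);
        if (!principal.getAuthorities().isEmpty()) {
            return principal; // a well-formed string scope was already mapped
        }
        Object scope = principal.getAttribute(OAuth2TokenIntrospectionClaimNames.SCOPE);
        if (!(scope instanceof Collection)) {
            return principal; // no scope, or an unexpected type: keep no authorities
        }
        List<GrantedAuthority> authorities = new ArrayList<>();
        for (Object value : (Collection<?>) scope) {
            // Only non-empty strings become authorities; anything else is dropped (fail closed)
            if (value instanceof String && !((String) value).isEmpty()) {
                authorities.add(new SimpleGrantedAuthority(AUTHORITY_PREFIX + value));
            }
        }
        return new DefaultOAuth2AuthenticatedPrincipal(principal.getName(), principal.getAttributes(), authorities);
    }

    public static void main(String[] args) {
        // Constructed introspection response (no authorization server involved): an active
        // token whose "scope" is an array, the shape that yields no authorities out of the box.
        Map<String, Object> attributes = new HashMap<>();
        attributes.put(OAuth2TokenIntrospectionClaimNames.ACTIVE, true);
        attributes.put(OAuth2TokenIntrospectionClaimNames.SUB, "alice");
        attributes.put(OAuth2TokenIntrospectionClaimNames.SCOPE, Arrays.asList("read", "write", "dolphin"));

        // Stub standing in for SpringOpaqueTokenIntrospector so the example runs offline;
        // like the gh-7563 test it returns the attributes with no authorities.
        OpaqueTokenIntrospector stub = (token) -> new DefaultOAuth2AuthenticatedPrincipal(attributes, null);

        // Same provider as OpaqueTokenAuthenticationProvider.authenticate in Example 7
        OpaqueTokenAuthenticationProvider provider = new OpaqueTokenAuthenticationProvider(
                new ArrayScopeOpaqueTokenIntrospector(stub));
        Authentication result = provider.authenticate(new BearerTokenAuthenticationToken("opaque-token-value"));

        BearerTokenAuthentication authenticated = (BearerTokenAuthentication) result;
        System.out.println("name        = " + authenticated.getName());
        System.out.println("authorities = " + authenticated.getAuthorities());
        System.out.println("scope attr  = " + authenticated.getTokenAttributes().get(OAuth2TokenIntrospectionClaimNames.SCOPE));
    }
}
```

Wire the decorator around the real SpringOpaqueTokenIntrospector only if your authorization server really emits an array; otherwise the default behaviour (no authorities, token still authenticated) is the safer one, since it denies scope-gated endpoints rather than guessing at the claim's shape. The "scope" attribute itself is left untouched so it remains available through getTokenAttributes(), exactly as the gh-7563 assertion expects.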

Example 10 with OAuth2AuthenticatedPrincipal

use of org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal in project spring-security by spring-projects.

the class SecurityMockServerConfigurerOpaqueTokenTests method mockOpaqueTokenWhenPrincipalThenBearerTokenAuthentication.

@Test
public void mockOpaqueTokenWhenPrincipalThenBearerTokenAuthentication() {
    OAuth2AuthenticatedPrincipal principal = TestOAuth2AuthenticatedPrincipals.active();
    this.client.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken().principal(principal)).get().exchange().expectStatus().isOk();
    SecurityContext context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
    BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
    assertThat(token.getPrincipal()).isSameAs(principal);
}
Also used : OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) SecurityContext(org.springframework.security.core.context.SecurityContext) BearerTokenAuthentication(org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) Test(org.junit.jupiter.api.Test)

Aggregations

OAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal)29 Test (org.junit.jupiter.api.Test)26 DefaultOAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal)7 HashMap (java.util.HashMap)5 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)5 GrantedAuthority (org.springframework.security.core.GrantedAuthority)5 BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken)5 JSONObject (net.minidev.json.JSONObject)4 MockWebServer (okhttp3.mockwebserver.MockWebServer)4 RequestEntity (org.springframework.http.RequestEntity)4 Authentication (org.springframework.security.core.Authentication)4 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)4 RestOperations (org.springframework.web.client.RestOperations)4 URL (java.net.URL)3 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)3 OAuth2IntrospectionAuthenticatedPrincipal (org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal)3 OpaqueTokenIntrospector (org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector)3 Collection (java.util.Collection)2 List (java.util.List)2 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)2