Example 11 with OAuth2AuthenticationException
use of org.springframework.security.oauth2.core.OAuth2AuthenticationException in project spring-security by spring-projects.
the class OAuth2ResourceServerSpecTests method getWhenUsingCustomAuthenticationManagerInLambdaThenUsesItAccordingly.
@Test
public void getWhenUsingCustomAuthenticationManagerInLambdaThenUsesItAccordingly() {
this.spring.register(CustomAuthenticationManagerInLambdaConfig.class).autowire();
ReactiveAuthenticationManager authenticationManager = this.spring.getContext().getBean(ReactiveAuthenticationManager.class);
given(authenticationManager.authenticate(any(Authentication.class))).willReturn(Mono.error(new OAuth2AuthenticationException(new OAuth2Error("mock-failure"))));
// @formatter:off
this.client.get().headers((headers) -> headers.setBearerAuth(this.messageReadToken)).exchange().expectStatus().isUnauthorized().expectHeader().value(HttpHeaders.WWW_AUTHENTICATE, startsWith("Bearer error=\"mock-failure\""));
// @formatter:on
}
Also used :
JwtAuthenticationConverter(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
Autowired(org.springframework.beans.factory.annotation.Autowired)
CoreMatchers.startsWith(org.hamcrest.CoreMatchers.startsWith)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BDDMockito.given(org.mockito.BDDMockito.given)
RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec)
MockWebServer(okhttp3.mockwebserver.MockWebServer)
ReactiveAuthenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager)
BigInteger(java.math.BigInteger)
ReactiveAuthenticationManagerResolver(org.springframework.security.authentication.ReactiveAuthenticationManagerResolver)
Jwt(org.springframework.security.oauth2.jwt.Jwt)
HttpHeaders(org.apache.http.HttpHeaders)
ReactiveJwtDecoder(org.springframework.security.oauth2.jwt.ReactiveJwtDecoder)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
RecordedRequest(okhttp3.mockwebserver.RecordedRequest)
MediaType(org.springframework.http.MediaType)
OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)
TestJwts(org.springframework.security.oauth2.jwt.TestJwts)
PreDestroy(jakarta.annotation.PreDestroy)
Collectors(java.util.stream.Collectors)
RestController(org.springframework.web.bind.annotation.RestController)
KeyFactory(java.security.KeyFactory)
Test(org.junit.jupiter.api.Test)
Base64(java.util.Base64)
Stream(java.util.stream.Stream)
AbstractAuthenticationToken(org.springframework.security.authentication.AbstractAuthenticationToken)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
Optional(java.util.Optional)
MockResponse(okhttp3.mockwebserver.MockResponse)
Authentication(org.springframework.security.core.Authentication)
Mockito.mock(org.mockito.Mockito.mock)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
ReactiveJwtAuthenticationConverterAdapter(org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
ReactiveJwtAuthenticationConverter(org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverter)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
DispatcherHandler(org.springframework.web.reactive.DispatcherHandler)
ServerWebExchange(org.springframework.web.server.ServerWebExchange)
Value(org.springframework.beans.factory.annotation.Value)
ServerAuthenticationConverter(org.springframework.security.web.server.authentication.ServerAuthenticationConverter)
WebTestClient(org.springframework.test.web.reactive.server.WebTestClient)
EnableWebFlux(org.springframework.web.reactive.config.EnableWebFlux)
Dispatcher(okhttp3.mockwebserver.Dispatcher)
BeanCreationException(org.springframework.beans.factory.BeanCreationException)
EnableWebFluxSecurity(org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity)
Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
NoUniqueBeanDefinitionException(org.springframework.beans.factory.NoUniqueBeanDefinitionException)
Converter(org.springframework.core.convert.converter.Converter)
IOException(java.io.IOException)
Mono(reactor.core.publisher.Mono)
ApplicationContext(org.springframework.context.ApplicationContext)
Mockito.verify(org.mockito.Mockito.verify)
HttpStatus(org.springframework.http.HttpStatus)
SecurityWebFilterChain(org.springframework.security.web.server.SecurityWebFilterChain)
HttpStatusServerEntryPoint(org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint)
SpringTestContext(org.springframework.security.config.test.SpringTestContext)
NoSuchBeanDefinitionException(org.springframework.beans.factory.NoSuchBeanDefinitionException)
HttpStatusServerAccessDeniedHandler(org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler)
GenericWebApplicationContext(org.springframework.web.context.support.GenericWebApplicationContext)
SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension)
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
Bean(org.springframework.context.annotation.Bean)
BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
ReactiveAuthenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager)
Authentication(org.springframework.security.core.Authentication)
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)
Test(org.junit.jupiter.api.Test)
Example 12 with OAuth2AuthenticationException
use of org.springframework.security.oauth2.core.OAuth2AuthenticationException in project spring-security by spring-projects.
the class OAuth2AuthenticationExceptionMixinTests method deserializeWhenRequiredAttributesOnlyThenDeserializes.
@Test
public void deserializeWhenRequiredAttributesOnlyThenDeserializes() throws Exception {
OAuth2AuthenticationException expected = new OAuth2AuthenticationException(new OAuth2Error("[authorization_request_not_found]"));
OAuth2AuthenticationException exception = this.mapper.readValue(asJson(expected), OAuth2AuthenticationException.class);
assertThat(exception).isNotNull();
assertThat(exception.getCause()).isNull();
assertThat(exception.getMessage()).isNull();
OAuth2Error oauth2Error = exception.getError();
assertThat(oauth2Error).isNotNull();
assertThat(oauth2Error.getErrorCode()).isEqualTo(expected.getError().getErrorCode());
assertThat(oauth2Error.getDescription()).isNull();
assertThat(oauth2Error.getUri()).isNull();
}
Also used :
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)
Test(org.junit.jupiter.api.Test)
Example 13 with OAuth2AuthenticationException
use of org.springframework.security.oauth2.core.OAuth2AuthenticationException in project spring-security by spring-projects.
the class OAuth2AuthenticationExceptionMixinTests method serializeWhenRequiredAttributesOnlyThenSerializes.
@Test
public void serializeWhenRequiredAttributesOnlyThenSerializes() throws Exception {
OAuth2AuthenticationException exception = new OAuth2AuthenticationException(new OAuth2Error("[authorization_request_not_found]"));
String serializedJson = this.mapper.writeValueAsString(exception);
String expected = asJson(exception);
JSONAssert.assertEquals(expected, serializedJson, true);
}
Also used :
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)
Test(org.junit.jupiter.api.Test)
Example 14 with OAuth2AuthenticationException
use of org.springframework.security.oauth2.core.OAuth2AuthenticationException in project spring-security by spring-projects.
the class OAuth2AuthenticationExceptionMixinTests method serializeWhenMixinRegisteredThenSerializes.
@Test
public void serializeWhenMixinRegisteredThenSerializes() throws Exception {
OAuth2AuthenticationException exception = new OAuth2AuthenticationException(new OAuth2Error("[authorization_request_not_found]", "Authorization Request Not Found", "/foo/bar"), "Authorization Request Not Found");
String serializedJson = this.mapper.writeValueAsString(exception);
String expected = asJson(exception);
JSONAssert.assertEquals(expected, serializedJson, true);
}
Also used :
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)
Test(org.junit.jupiter.api.Test)
Example 15 with OAuth2AuthenticationException
use of org.springframework.security.oauth2.core.OAuth2AuthenticationException in project spring-security by spring-projects.
the class OAuth2AuthenticationExceptionMixinTests method deserializeWhenMixinNotRegisteredThenThrowJsonProcessingException.
@Test
public void deserializeWhenMixinNotRegisteredThenThrowJsonProcessingException() {
String json = asJson(new OAuth2AuthenticationException(new OAuth2Error("[authorization_request_not_found]")));
assertThatExceptionOfType(JsonProcessingException.class).isThrownBy(() -> new ObjectMapper().readValue(json, OAuth2AuthenticationException.class));
}
Also used :
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)
JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Test(org.junit.jupiter.api.Test)
Aggregations
OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException)54
OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error)31
Test (org.junit.jupiter.api.Test)27
BearerTokenError (org.springframework.security.oauth2.server.resource.BearerTokenError)21
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)10
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)10
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)9
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)8
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)8
OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)7
OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse)7
OAuth2User (org.springframework.security.oauth2.core.user.OAuth2User)7
Map (java.util.Map)6
Authentication (org.springframework.security.core.Authentication)6
AuthenticationException (org.springframework.security.core.AuthenticationException)6
GrantedAuthority (org.springframework.security.core.GrantedAuthority)6
OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken)6
Mono (reactor.core.publisher.Mono)6
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5
Base64 (java.util.Base64)5
