Search in sources :

Example 11 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class AuthorizedClientServiceReactiveOAuth2AuthorizedClientManagerTests method authorizeWhenInvalidTokenThenRemoveAuthorizedClient.

@Test
public void authorizeWhenInvalidTokenThenRemoveAuthorizedClient() {
    given(this.clientRegistrationRepository.findByRegistrationId(eq(this.clientRegistration.getRegistrationId()))).willReturn(Mono.just(this.clientRegistration));
    given(this.authorizedClientService.loadAuthorizedClient(any(), any())).willReturn(Mono.empty());
    // @formatter:off
    OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId(this.clientRegistration.getRegistrationId()).principal(this.principal).build();
    // @formatter:on
    ClientAuthorizationException exception = new ClientAuthorizationException(new OAuth2Error(OAuth2ErrorCodes.INVALID_TOKEN, null, null), this.clientRegistration.getRegistrationId());
    given(this.authorizedClientProvider.authorize(any(OAuth2AuthorizationContext.class))).willReturn(Mono.error(exception));
    assertThatExceptionOfType(ClientAuthorizationException.class).isThrownBy(() -> this.authorizedClientManager.authorize(authorizeRequest).block()).isEqualTo(exception);
    verify(this.authorizedClientProvider).authorize(this.authorizationContextCaptor.capture());
    verify(this.contextAttributesMapper).apply(eq(authorizeRequest));
    OAuth2AuthorizationContext authorizationContext = this.authorizationContextCaptor.getValue();
    assertThat(authorizationContext.getClientRegistration()).isEqualTo(this.clientRegistration);
    assertThat(authorizationContext.getAuthorizedClient()).isNull();
    assertThat(authorizationContext.getPrincipal()).isEqualTo(this.principal);
    verify(this.authorizedClientService).removeAuthorizedClient(eq(this.clientRegistration.getRegistrationId()), eq(this.principal.getName()));
    this.removeAuthorizedClientProbe.assertWasSubscribed();
    verify(this.authorizedClientService, never()).saveAuthorizedClient(any(), any());
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) Test(org.junit.jupiter.api.Test)

Example 12 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class AuthorizedClientServiceReactiveOAuth2AuthorizedClientManagerTests method authorizeWhenOAuth2AuthorizationExceptionThenDoNotRemoveAuthorizedClient.

@Test
public void authorizeWhenOAuth2AuthorizationExceptionThenDoNotRemoveAuthorizedClient() {
    given(this.clientRegistrationRepository.findByRegistrationId(eq(this.clientRegistration.getRegistrationId()))).willReturn(Mono.just(this.clientRegistration));
    given(this.authorizedClientService.loadAuthorizedClient(any(), any())).willReturn(Mono.empty());
    // @formatter:off
    OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId(this.clientRegistration.getRegistrationId()).principal(this.principal).build();
    // @formatter:on
    OAuth2AuthorizationException exception = new OAuth2AuthorizationException(new OAuth2Error(OAuth2ErrorCodes.INVALID_GRANT, null, null));
    given(this.authorizedClientProvider.authorize(any(OAuth2AuthorizationContext.class))).willReturn(Mono.error(exception));
    assertThatExceptionOfType(OAuth2AuthorizationException.class).isThrownBy(() -> this.authorizedClientManager.authorize(authorizeRequest).block()).isEqualTo(exception);
    verify(this.authorizedClientProvider).authorize(this.authorizationContextCaptor.capture());
    verify(this.contextAttributesMapper).apply(eq(authorizeRequest));
    OAuth2AuthorizationContext authorizationContext = this.authorizationContextCaptor.getValue();
    assertThat(authorizationContext.getClientRegistration()).isEqualTo(this.clientRegistration);
    assertThat(authorizationContext.getAuthorizedClient()).isNull();
    assertThat(authorizationContext.getPrincipal()).isEqualTo(this.principal);
    verify(this.authorizedClientService, never()).removeAuthorizedClient(any(), any());
    verify(this.authorizedClientService, never()).saveAuthorizedClient(any(), any());
}
Also used : OAuth2AuthorizationException(org.springframework.security.oauth2.core.OAuth2AuthorizationException) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) Test(org.junit.jupiter.api.Test)

Example 13 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class JwtBearerReactiveOAuth2AuthorizedClientProviderTests method authorizeWhenInvalidRequestThenThrowClientAuthorizationException.

@Test
public void authorizeWhenInvalidRequestThenThrowClientAuthorizationException() {
    given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(Mono.error(new OAuth2AuthorizationException(new OAuth2Error(OAuth2ErrorCodes.INVALID_REQUEST))));
    // @formatter:off
    OAuth2AuthorizationContext authorizationContext = OAuth2AuthorizationContext.withClientRegistration(this.clientRegistration).principal(this.principal).build();
    // @formatter:on
    // @formatter:off
    assertThatExceptionOfType(ClientAuthorizationException.class).isThrownBy(() -> this.authorizedClientProvider.authorize(authorizationContext).block()).withMessageContaining(OAuth2ErrorCodes.INVALID_REQUEST);
// @formatter:on
}
Also used : OAuth2AuthorizationException(org.springframework.security.oauth2.core.OAuth2AuthorizationException) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) Test(org.junit.jupiter.api.Test)

Example 14 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class AuthorizedClientServiceOAuth2AuthorizedClientManagerTests method reauthorizeWhenErrorCodeDoesNotMatchThenDoNotRemoveAuthorizedClient.

@Test
public void reauthorizeWhenErrorCodeDoesNotMatchThenDoNotRemoveAuthorizedClient() {
    ClientAuthorizationException authorizationException = new ClientAuthorizationException(new OAuth2Error("non-matching-error-code", null, null), this.clientRegistration.getRegistrationId());
    given(this.authorizedClientProvider.authorize(any(OAuth2AuthorizationContext.class))).willThrow(authorizationException);
    // @formatter:off
    OAuth2AuthorizeRequest reauthorizeRequest = OAuth2AuthorizeRequest.withAuthorizedClient(this.authorizedClient).principal(this.principal).build();
    assertThatExceptionOfType(ClientAuthorizationException.class).isThrownBy(() -> this.authorizedClientManager.authorize(reauthorizeRequest)).isEqualTo(authorizationException);
    // @formatter:on
    verify(this.authorizationFailureHandler).onAuthorizationFailure(eq(authorizationException), eq(this.principal), any());
    verifyNoInteractions(this.authorizedClientService);
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) Test(org.junit.jupiter.api.Test)

Example 15 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class OAuth2ErrorHttpMessageConverterTests method writeInternalWhenConversionFailsThenThrowHttpMessageNotWritableException.

@Test
public void writeInternalWhenConversionFailsThenThrowHttpMessageNotWritableException() {
    Converter errorParametersConverter = mock(Converter.class);
    given(errorParametersConverter.convert(any())).willThrow(RuntimeException.class);
    this.messageConverter.setErrorParametersConverter(errorParametersConverter);
    OAuth2Error oauth2Error = new OAuth2Error("unauthorized_client", "The client is not authorized", "https://tools.ietf.org/html/rfc6749#section-5.2");
    MockHttpOutputMessage outputMessage = new MockHttpOutputMessage();
    assertThatExceptionOfType(HttpMessageNotWritableException.class).isThrownBy(() -> this.messageConverter.writeInternal(oauth2Error, outputMessage)).withMessageContaining("An error occurred writing the OAuth 2.0 Error");
}
Also used : MockHttpOutputMessage(org.springframework.mock.http.MockHttpOutputMessage) Converter(org.springframework.core.convert.converter.Converter) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) Test(org.junit.jupiter.api.Test)

Aggregations

OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error)89 Test (org.junit.jupiter.api.Test)52 OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException)32 OAuth2AuthorizationException (org.springframework.security.oauth2.core.OAuth2AuthorizationException)21 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)16 Authentication (org.springframework.security.core.Authentication)15 OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)12 Map (java.util.Map)11 OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse)11 Jwt (org.springframework.security.oauth2.jwt.Jwt)11 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)10 OAuth2TokenValidatorResult (org.springframework.security.oauth2.core.OAuth2TokenValidatorResult)10 Instant (java.time.Instant)9 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)9 OAuth2AuthorizationContext (org.springframework.security.oauth2.client.OAuth2AuthorizationContext)9 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)8 BDDMockito.given (org.mockito.BDDMockito.given)8 Mockito.mock (org.mockito.Mockito.mock)8 Mockito.verify (org.mockito.Mockito.verify)8 Mono (reactor.core.publisher.Mono)8