Example 26 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class OidcIdTokenValidatorTests method validateIdToken.

private Collection<OAuth2Error> validateIdToken() {
    // @formatter:off
    Jwt idToken = Jwt.withTokenValue("token")
            .issuedAt(this.issuedAt)
            .expiresAt(this.expiresAt)
            .headers((h) -> h.putAll(this.headers))
            .claims((c) -> c.putAll(this.claims))
            .build();
    // @formatter:on
    OidcIdTokenValidator validator = new OidcIdTokenValidator(this.registration.build());
    validator.setClockSkew(this.clockSkew);
    return validator.validate(idToken).getErrors();
}
Also used : BeforeEach(org.junit.jupiter.api.BeforeEach) Arrays(java.util.Arrays) Collection(java.util.Collection) IdTokenClaimNames(org.springframework.security.oauth2.core.oidc.IdTokenClaimNames) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) HashMap(java.util.HashMap) Instant(java.time.Instant) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test) Duration(java.time.Duration) Map(java.util.Map) JwsAlgorithms(org.springframework.security.oauth2.jose.jws.JwsAlgorithms) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) Jwt(org.springframework.security.oauth2.jwt.Jwt) Collections(java.util.Collections) TestClientRegistrations(org.springframework.security.oauth2.client.registration.TestClientRegistrations)

Example 27 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class DefaultReactiveOAuth2AuthorizedClientManagerTests method authorizeWhenOAuth2AuthorizationExceptionAndCustomFailureHandlerThenInvokeCustomFailureHandler.

@SuppressWarnings("unchecked")
@Test
public void authorizeWhenOAuth2AuthorizationExceptionAndCustomFailureHandlerThenInvokeCustomFailureHandler() {
    given(this.clientRegistrationRepository.findByRegistrationId(eq(this.clientRegistration.getRegistrationId()))).willReturn(Mono.just(this.clientRegistration));
    OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId(this.clientRegistration.getRegistrationId()).principal(this.principal).build();
    OAuth2AuthorizationException exception = new OAuth2AuthorizationException(new OAuth2Error(OAuth2ErrorCodes.INVALID_GRANT, null, null));
    given(this.authorizedClientProvider.authorize(any(OAuth2AuthorizationContext.class))).willReturn(Mono.error(exception));
    PublisherProbe<Void> authorizationFailureHandlerProbe = PublisherProbe.empty();
    this.authorizedClientManager.setAuthorizationFailureHandler((client, principal, attributes) -> authorizationFailureHandlerProbe.mono());
    assertThatExceptionOfType(OAuth2AuthorizationException.class)
            .isThrownBy(() -> this.authorizedClientManager.authorize(authorizeRequest).subscriberContext(this.context).block())
            .isEqualTo(exception);
    verify(this.authorizedClientProvider).authorize(this.authorizationContextCaptor.capture());
    verify(this.contextAttributesMapper).apply(eq(authorizeRequest));
    OAuth2AuthorizationContext authorizationContext = this.authorizationContextCaptor.getValue();
    assertThat(authorizationContext.getClientRegistration()).isEqualTo(this.clientRegistration);
    assertThat(authorizationContext.getAuthorizedClient()).isNull();
    assertThat(authorizationContext.getPrincipal()).isEqualTo(this.principal);
    authorizationFailureHandlerProbe.assertWasSubscribed();
    verify(this.authorizedClientRepository, never()).removeAuthorizedClient(any(), any(), any());
    verify(this.authorizedClientRepository, never()).saveAuthorizedClient(any(), any(), any());
}
Also used : OAuth2AuthorizationException(org.springframework.security.oauth2.core.OAuth2AuthorizationException) OAuth2AuthorizationContext(org.springframework.security.oauth2.client.OAuth2AuthorizationContext) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) OAuth2AuthorizeRequest(org.springframework.security.oauth2.client.OAuth2AuthorizeRequest) Test(org.junit.jupiter.api.Test)

Example 28 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class NimbusJwtDecoderTests method decodeWhenJwtFailsValidationThenReturnsCorrespondingErrorMessage.

@Test
public void decodeWhenJwtFailsValidationThenReturnsCorrespondingErrorMessage() {
    OAuth2Error failure = new OAuth2Error("mock-error", "mock-description", "mock-uri");
    OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
    given(jwtValidator.validate(any(Jwt.class))).willReturn(OAuth2TokenValidatorResult.failure(failure));
    this.jwtDecoder.setJwtValidator(jwtValidator);
    // @formatter:off
    assertThatExceptionOfType(JwtValidationException.class)
            .isThrownBy(() -> this.jwtDecoder.decode(SIGNED_JWT))
            .withMessageContaining("mock-description");
    // @formatter:on
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) Test(org.junit.jupiter.api.Test)

Example 29 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class NimbusJwtDecoder method validateJwt.

private Jwt validateJwt(Jwt jwt) {
    OAuth2TokenValidatorResult result = this.jwtValidator.validate(jwt);
    if (result.hasErrors()) {
        Collection<OAuth2Error> errors = result.getErrors();
        String validationErrorString = getJwtValidationExceptionMessage(errors);
        throw new JwtValidationException(validationErrorString, errors);
    }
    return jwt;
}
Also used : OAuth2TokenValidatorResult(org.springframework.security.oauth2.core.OAuth2TokenValidatorResult) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)

Example 30 with OAuth2Error

use of org.springframework.security.oauth2.core.OAuth2Error in project spring-security by spring-projects.

the class NimbusReactiveJwtDecoderTests method decodeWhenReadingErrorPickTheFirstErrorMessage.

@Test
public void decodeWhenReadingErrorPickTheFirstErrorMessage() {
    OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
    this.decoder.setJwtValidator(jwtValidator);
    OAuth2Error errorEmpty = new OAuth2Error("mock-error", "", "mock-uri");
    OAuth2Error error = new OAuth2Error("mock-error", "mock-description", "mock-uri");
    OAuth2Error error2 = new OAuth2Error("mock-error-second", "mock-description-second", "mock-uri-second");
    OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(errorEmpty, error, error2);
    given(jwtValidator.validate(any(Jwt.class))).willReturn(result);
    // @formatter:off
    assertThatExceptionOfType(JwtValidationException.class)
            .isThrownBy(() -> this.decoder.decode(this.messageReadToken).block())
            .withMessageContaining("mock-description");
    // @formatter:on
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) OAuth2TokenValidatorResult(org.springframework.security.oauth2.core.OAuth2TokenValidatorResult) Test(org.junit.jupiter.api.Test)

Aggregations

OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error): 129
OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException): 54
Test (org.junit.jupiter.api.Test): 53
OAuth2AuthorizationException (org.springframework.security.oauth2.core.OAuth2AuthorizationException): 25
Authentication (org.springframework.security.core.Authentication): 22
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken): 18
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration): 17
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 16
OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest): 16
Jwt (org.springframework.security.oauth2.jwt.Jwt): 15
Instant (java.time.Instant): 13
Map (java.util.Map): 13
FilterChain (javax.servlet.FilterChain): 12
OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse): 12
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 10
OAuth2TokenValidatorResult (org.springframework.security.oauth2.core.OAuth2TokenValidatorResult): 10
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat): 9
OAuth2AuthorizationContext (org.springframework.security.oauth2.client.OAuth2AuthorizationContext): 9
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any): 8
BDDMockito.given (org.mockito.BDDMockito.given): 8