use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.
the class OAuth2ResourceServerBeanDefinitionParserTests method requestWhenCustomJwtValidatorFailsThenCorrespondingErrorMessage.
@Test
public void requestWhenCustomJwtValidatorFailsThenCorrespondingErrorMessage() throws Exception {
this.spring.configLocations(xml("MockJwtValidator"), xml("Jwt")).autowire();
mockRestOperations(jwks("Default"));
String token = this.token("ValidNoScopes");
OAuth2TokenValidator<Jwt> jwtValidator = this.spring.getContext().getBean(OAuth2TokenValidator.class);
OAuth2Error error = new OAuth2Error("custom-error", "custom-description", "custom-uri");
given(jwtValidator.validate(any(Jwt.class))).willReturn(OAuth2TokenValidatorResult.failure(error));
// @formatter:off
this.mvc.perform(get("/").header("Authorization", "Bearer " + token)).andExpect(status().isUnauthorized()).andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, containsString("custom-description")));
// @formatter:on
}
use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.
the class OidcIdTokenDecoderFactoryTests method createDecoderWhenCustomJwtValidatorFactorySetThenApplied.
@Test
public void createDecoderWhenCustomJwtValidatorFactorySetThenApplied() {
Function<ClientRegistration, OAuth2TokenValidator<Jwt>> customJwtValidatorFactory = mock(Function.class);
this.idTokenDecoderFactory.setJwtValidatorFactory(customJwtValidatorFactory);
ClientRegistration clientRegistration = this.registration.build();
given(customJwtValidatorFactory.apply(same(clientRegistration))).willReturn(new OidcIdTokenValidator(clientRegistration));
this.idTokenDecoderFactory.createDecoder(clientRegistration);
verify(customJwtValidatorFactory).apply(same(clientRegistration));
}
use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.
the class ReactiveOidcIdTokenDecoderFactoryTests method createDecoderWhenCustomJwtValidatorFactorySetThenApplied.
@Test
public void createDecoderWhenCustomJwtValidatorFactorySetThenApplied() {
Function<ClientRegistration, OAuth2TokenValidator<Jwt>> customJwtValidatorFactory = mock(Function.class);
this.idTokenDecoderFactory.setJwtValidatorFactory(customJwtValidatorFactory);
ClientRegistration clientRegistration = this.registration.build();
given(customJwtValidatorFactory.apply(same(clientRegistration))).willReturn(new OidcIdTokenValidator(clientRegistration));
this.idTokenDecoderFactory.createDecoder(clientRegistration);
verify(customJwtValidatorFactory).apply(same(clientRegistration));
}
use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.
the class NimbusJwtDecoderTests method decodeWhenJwtFailsValidationThenReturnsCorrespondingErrorMessage.
@Test
public void decodeWhenJwtFailsValidationThenReturnsCorrespondingErrorMessage() {
OAuth2Error failure = new OAuth2Error("mock-error", "mock-description", "mock-uri");
OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
given(jwtValidator.validate(any(Jwt.class))).willReturn(OAuth2TokenValidatorResult.failure(failure));
this.jwtDecoder.setJwtValidator(jwtValidator);
// @formatter:off
assertThatExceptionOfType(JwtValidationException.class).isThrownBy(() -> this.jwtDecoder.decode(SIGNED_JWT)).withMessageContaining("mock-description");
// @formatter:on
}
use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.
the class NimbusReactiveJwtDecoderTests method decodeWhenReadingErrorPickTheFirstErrorMessage.
@Test
public void decodeWhenReadingErrorPickTheFirstErrorMessage() {
OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
this.decoder.setJwtValidator(jwtValidator);
OAuth2Error errorEmpty = new OAuth2Error("mock-error", "", "mock-uri");
OAuth2Error error = new OAuth2Error("mock-error", "mock-description", "mock-uri");
OAuth2Error error2 = new OAuth2Error("mock-error-second", "mock-description-second", "mock-uri-second");
OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(errorEmpty, error, error2);
given(jwtValidator.validate(any(Jwt.class))).willReturn(result);
// @formatter:off
assertThatExceptionOfType(JwtValidationException.class).isThrownBy(() -> this.decoder.decode(this.messageReadToken).block()).withMessageContaining("mock-description");
// @formatter:on
}
Aggregations