Search in sources :

Example 16 with OAuth2TokenValidator

use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.

the class NimbusJwtDecoderTests method decodeWhenReadingErrorPickTheFirstErrorMessage.

@Test
public void decodeWhenReadingErrorPickTheFirstErrorMessage() {
    OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
    this.jwtDecoder.setJwtValidator(jwtValidator);
    OAuth2Error errorEmpty = new OAuth2Error("mock-error", "", "mock-uri");
    OAuth2Error error = new OAuth2Error("mock-error", "mock-description", "mock-uri");
    OAuth2Error error2 = new OAuth2Error("mock-error-second", "mock-description-second", "mock-uri-second");
    OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(errorEmpty, error, error2);
    given(jwtValidator.validate(any(Jwt.class))).willReturn(result);
    // @formatter:off
    assertThatExceptionOfType(JwtValidationException.class).isThrownBy(() -> this.jwtDecoder.decode(SIGNED_JWT)).withMessageContaining("mock-description");
// @formatter:on
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) OAuth2TokenValidatorResult(org.springframework.security.oauth2.core.OAuth2TokenValidatorResult) Test(org.junit.jupiter.api.Test)

Example 17 with OAuth2TokenValidator

use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.

the class NimbusJwtDecoderTests method decodeWhenJwtValidationHasTwoErrorsThenJwtExceptionMessageShowsFirstError.

@Test
public void decodeWhenJwtValidationHasTwoErrorsThenJwtExceptionMessageShowsFirstError() {
    OAuth2Error firstFailure = new OAuth2Error("mock-error", "mock-description", "mock-uri");
    OAuth2Error secondFailure = new OAuth2Error("another-error", "another-description", "another-uri");
    OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(firstFailure, secondFailure);
    OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
    given(jwtValidator.validate(any(Jwt.class))).willReturn(result);
    this.jwtDecoder.setJwtValidator(jwtValidator);
    // @formatter:off
    assertThatExceptionOfType(JwtValidationException.class).isThrownBy(() -> this.jwtDecoder.decode(SIGNED_JWT)).withMessageContaining("mock-description").satisfies((ex) -> assertThat(ex).hasFieldOrPropertyWithValue("errors", Arrays.asList(firstFailure, secondFailure)));
// @formatter:on
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) OAuth2TokenValidatorResult(org.springframework.security.oauth2.core.OAuth2TokenValidatorResult) Test(org.junit.jupiter.api.Test)

Example 18 with OAuth2TokenValidator

use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.

the class NimbusReactiveJwtDecoderTests method decodeWhenUsingCustomValidatorThenValidatorIsInvoked.

@Test
public void decodeWhenUsingCustomValidatorThenValidatorIsInvoked() {
    OAuth2TokenValidator jwtValidator = mock(OAuth2TokenValidator.class);
    this.decoder.setJwtValidator(jwtValidator);
    OAuth2Error error = new OAuth2Error("mock-error", "mock-description", "mock-uri");
    OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(error);
    given(jwtValidator.validate(any(Jwt.class))).willReturn(result);
    // @formatter:off
    assertThatExceptionOfType(JwtValidationException.class).isThrownBy(() -> this.decoder.decode(this.messageReadToken).block()).withMessageContaining("mock-description");
// @formatter:on
}
Also used : OAuth2TokenValidator(org.springframework.security.oauth2.core.OAuth2TokenValidator) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) OAuth2TokenValidatorResult(org.springframework.security.oauth2.core.OAuth2TokenValidatorResult) Test(org.junit.jupiter.api.Test)

Example 19 with OAuth2TokenValidator

use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.

the class NimbusJwtDecoderJwkSupportTests method decodeWhenJwtValidationHasTwoErrorsThenJwtExceptionMessageShowsFirstError.

@Test
public void decodeWhenJwtValidationHasTwoErrorsThenJwtExceptionMessageShowsFirstError() throws Exception {
    try (MockWebServer server = new MockWebServer()) {
        server.enqueue(new MockResponse().setBody(JWK_SET));
        String jwkSetUrl = server.url("/.well-known/jwks.json").toString();
        NimbusJwtDecoderJwkSupport decoder = new NimbusJwtDecoderJwkSupport(jwkSetUrl);
        OAuth2Error firstFailure = new OAuth2Error("mock-error", "mock-description", "mock-uri");
        OAuth2Error secondFailure = new OAuth2Error("another-error", "another-description", "another-uri");
        OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(firstFailure, secondFailure);
        OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
        given(jwtValidator.validate(any(Jwt.class))).willReturn(result);
        decoder.setJwtValidator(jwtValidator);
        // @formatter:off
        assertThatExceptionOfType(JwtValidationException.class).isThrownBy(() -> decoder.decode(SIGNED_JWT)).withMessageContaining("mock-description").satisfies((ex) -> assertThat(ex).hasFieldOrPropertyWithValue("errors", Arrays.asList(firstFailure, secondFailure)));
    // @formatter:on
    }
}
Also used : MockResponse(okhttp3.mockwebserver.MockResponse) MockWebServer(okhttp3.mockwebserver.MockWebServer) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) OAuth2TokenValidatorResult(org.springframework.security.oauth2.core.OAuth2TokenValidatorResult) Test(org.junit.jupiter.api.Test)

Example 20 with OAuth2TokenValidator

use of org.springframework.security.oauth2.core.OAuth2TokenValidator in project spring-security by spring-projects.

the class NimbusJwtDecoderJwkSupportTests method decodeWhenJwtFailsValidationThenReturnsCorrespondingErrorMessage.

@Test
public void decodeWhenJwtFailsValidationThenReturnsCorrespondingErrorMessage() throws Exception {
    try (MockWebServer server = new MockWebServer()) {
        server.enqueue(new MockResponse().setBody(JWK_SET));
        String jwkSetUrl = server.url("/.well-known/jwks.json").toString();
        NimbusJwtDecoderJwkSupport decoder = new NimbusJwtDecoderJwkSupport(jwkSetUrl);
        OAuth2Error failure = new OAuth2Error("mock-error", "mock-description", "mock-uri");
        OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
        given(jwtValidator.validate(any(Jwt.class))).willReturn(OAuth2TokenValidatorResult.failure(failure));
        decoder.setJwtValidator(jwtValidator);
        // @formatter:off
        assertThatExceptionOfType(JwtValidationException.class).isThrownBy(() -> decoder.decode(SIGNED_JWT)).withMessageContaining("mock-description");
    // @formatter:on
    }
}
Also used : MockResponse(okhttp3.mockwebserver.MockResponse) MockWebServer(okhttp3.mockwebserver.MockWebServer) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) Test(org.junit.jupiter.api.Test)

Aggregations

OAuth2TokenValidator (org.springframework.security.oauth2.core.OAuth2TokenValidator)17 DelegatingOAuth2TokenValidator (org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator)14 Test (org.junit.jupiter.api.Test)13 JWSHeader (com.nimbusds.jose.JWSHeader)10 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)10 SignedJWT (com.nimbusds.jwt.SignedJWT)10 Test (org.junit.Test)10 Jwt (org.springframework.security.oauth2.jwt.Jwt)10 OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error)9 ArrayList (java.util.ArrayList)8 JwtTimestampValidator (org.springframework.security.oauth2.jwt.JwtTimestampValidator)8 RestOperations (org.springframework.web.client.RestOperations)8 JwtIssuerValidator (org.springframework.security.oauth2.jwt.JwtIssuerValidator)6 OAuth2TokenValidatorResult (org.springframework.security.oauth2.core.OAuth2TokenValidatorResult)5 MockWebServer (okhttp3.mockwebserver.MockWebServer)4 Collection (java.util.Collection)2 MockResponse (okhttp3.mockwebserver.MockResponse)2 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)2 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)2 ConditionalOnMissingBean (org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean)2