Examples with OAuth2AuthorizationExchange org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange used on opensource projects

Search in sources :

Example 6 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class OidcAuthorizationCodeAuthenticationProviderTests method setUp.

@BeforeEach
@SuppressWarnings("unchecked")
public void setUp() {
    this.clientRegistration = TestClientRegistrations.clientRegistration().clientId("client1").build();
    Map<String, Object> attributes = new HashMap<>();
    Map<String, Object> additionalParameters = new HashMap<>();
    try {
        String nonce = this.secureKeyGenerator.generateKey();
        this.nonceHash = OidcAuthorizationCodeAuthenticationProvider.createHash(nonce);
        attributes.put(OidcParameterNames.NONCE, nonce);
        additionalParameters.put(OidcParameterNames.NONCE, this.nonceHash);
    } catch (NoSuchAlgorithmException ex) {
    }
    // @formatter:off
    this.authorizationRequest = TestOAuth2AuthorizationRequests.request().scope("openid", "profile", "email").attributes(attributes).additionalParameters(additionalParameters).build();
    this.authorizationResponse = TestOAuth2AuthorizationResponses.success().build();
    // @formatter:on
    this.authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, this.authorizationResponse);
    this.accessTokenResponseClient = mock(OAuth2AccessTokenResponseClient.class);
    this.accessTokenResponse = this.accessTokenSuccessResponse();
    this.userService = mock(OAuth2UserService.class);
    this.authenticationProvider = new OidcAuthorizationCodeAuthenticationProvider(this.accessTokenResponseClient, this.userService);
    given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(this.accessTokenResponse);
}
Also used : HashMap(java.util.HashMap) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2UserService(org.springframework.security.oauth2.client.userinfo.OAuth2UserService) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) OAuth2AccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 7 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class OidcAuthorizationCodeAuthenticationProviderTests method authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException() {
    // @formatter:off
    OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.error().errorCode(OAuth2ErrorCodes.INVALID_SCOPE).build();
    // @formatter:on
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse);
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange))).withMessageContaining(OAuth2ErrorCodes.INVALID_SCOPE);
}
Also used : OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) OAuth2LoginAuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 8 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class OidcAuthorizationCodeAuthenticationProviderTests method authenticateWhenAuthorizationResponseStateNotEqualAuthorizationRequestStateThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenAuthorizationResponseStateNotEqualAuthorizationRequestStateThenThrowOAuth2AuthenticationException() {
    // @formatter:off
    OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.success().state("89012").build();
    // @formatter:on
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse);
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange))).withMessageContaining("invalid_state_parameter");
}
Also used : OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) OAuth2LoginAuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 9 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class WebClientReactiveAuthorizationCodeTokenResponseClientTests method pkceAuthorizationCodeGrantRequest.

private OAuth2AuthorizationCodeGrantRequest pkceAuthorizationCodeGrantRequest() {
    ClientRegistration registration = this.clientRegistration.clientAuthenticationMethod(null).clientSecret(null).build();
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(PkceParameterNames.CODE_VERIFIER, "code-verifier-1234");
    Map<String, Object> additionalParameters = new HashMap<>();
    additionalParameters.put(PkceParameterNames.CODE_CHALLENGE, "code-challenge-1234");
    additionalParameters.put(PkceParameterNames.CODE_CHALLENGE_METHOD, "S256");
    // @formatter:off
    OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode().clientId(registration.getClientId()).state("state").authorizationUri(registration.getProviderDetails().getAuthorizationUri()).redirectUri(registration.getRedirectUri()).scopes(registration.getScopes()).attributes(attributes).additionalParameters(additionalParameters).build();
    OAuth2AuthorizationResponse authorizationResponse = OAuth2AuthorizationResponse.success("code").state("state").redirectUri(registration.getRedirectUri()).build();
    // @formatter:on
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
    return new OAuth2AuthorizationCodeGrantRequest(registration, authorizationExchange);
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) HashMap(java.util.HashMap) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)

Example 10 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class WebClientReactiveAuthorizationCodeTokenResponseClientTests method authorizationCodeGrantRequest.

private OAuth2AuthorizationCodeGrantRequest authorizationCodeGrantRequest(ClientRegistration registration) {
    OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode().clientId(registration.getClientId()).state("state").authorizationUri(registration.getProviderDetails().getAuthorizationUri()).redirectUri(registration.getRedirectUri()).scopes(registration.getScopes()).build();
    OAuth2AuthorizationResponse authorizationResponse = OAuth2AuthorizationResponse.success("code").state("state").redirectUri(registration.getRedirectUri()).build();
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
    return new OAuth2AuthorizationCodeGrantRequest(registration, authorizationExchange);
}
Also used : OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)

Aggregations

OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange)44 OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse)26 Test (org.junit.jupiter.api.Test)24 OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)23 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)19 OAuth2AuthorizationCodeAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken)10 HashMap (java.util.HashMap)9 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)9 OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken)8 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)8 OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error)7 ServerAuthenticationConverter (org.springframework.security.web.server.authentication.ServerAuthenticationConverter)7 WebTestClient (org.springframework.test.web.reactive.server.WebTestClient)7 BeforeEach (org.junit.jupiter.api.BeforeEach)5 HttpHeaders (org.springframework.http.HttpHeaders)5 OAuth2AuthorizationCodeGrantRequest (org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest)5 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)4 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)4 BDDMockito.given (org.mockito.BDDMockito.given)4 Mockito.mock (org.mockito.Mockito.mock)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial