use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.
the class OAuth2AuthorizationCodeGrantRequestEntityConverterTests method convertWhenPkceGrantRequestValidThenConverts.
@SuppressWarnings("unchecked")
@Test
public void convertWhenPkceGrantRequestValidThenConverts() {
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().clientAuthenticationMethod(null).clientSecret(null).build();
Map<String, Object> attributes = new HashMap<>();
attributes.put(PkceParameterNames.CODE_VERIFIER, "code-verifier-1234");
Map<String, Object> additionalParameters = new HashMap<>();
additionalParameters.put(PkceParameterNames.CODE_CHALLENGE, "code-challenge-1234");
additionalParameters.put(PkceParameterNames.CODE_CHALLENGE_METHOD, "S256");
OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().attributes(attributes).additionalParameters(additionalParameters).build();
OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.success().build();
OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
OAuth2AuthorizationCodeGrantRequest authorizationCodeGrantRequest = new OAuth2AuthorizationCodeGrantRequest(clientRegistration, authorizationExchange);
RequestEntity<?> requestEntity = this.converter.convert(authorizationCodeGrantRequest);
assertThat(requestEntity.getMethod()).isEqualTo(HttpMethod.POST);
assertThat(requestEntity.getUrl().toASCIIString()).isEqualTo(clientRegistration.getProviderDetails().getTokenUri());
HttpHeaders headers = requestEntity.getHeaders();
assertThat(headers.getAccept()).contains(MediaType.APPLICATION_JSON_UTF8);
assertThat(headers.getContentType()).isEqualTo(MediaType.valueOf(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"));
assertThat(headers.getFirst(HttpHeaders.AUTHORIZATION)).isNull();
MultiValueMap<String, String> formParameters = (MultiValueMap<String, String>) requestEntity.getBody();
assertThat(formParameters.getFirst(OAuth2ParameterNames.GRANT_TYPE)).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE.getValue());
assertThat(formParameters.getFirst(OAuth2ParameterNames.CODE)).isEqualTo(authorizationResponse.getCode());
assertThat(formParameters.getFirst(OAuth2ParameterNames.REDIRECT_URI)).isEqualTo(authorizationRequest.getRedirectUri());
assertThat(formParameters.getFirst(OAuth2ParameterNames.CLIENT_ID)).isEqualTo(authorizationRequest.getClientId());
assertThat(formParameters.getFirst(PkceParameterNames.CODE_VERIFIER)).isEqualTo(authorizationRequest.getAttribute(PkceParameterNames.CODE_VERIFIER));
}
use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.
the class OAuth2AuthorizationCodeGrantRequestEntityConverterTests method convertWhenParametersConverterSetThenCalled.
@Test
public void convertWhenParametersConverterSetThenCalled() {
Converter<OAuth2AuthorizationCodeGrantRequest, MultiValueMap<String, String>> parametersConverter1 = mock(Converter.class);
this.converter.setParametersConverter(parametersConverter1);
Converter<OAuth2AuthorizationCodeGrantRequest, MultiValueMap<String, String>> parametersConverter2 = mock(Converter.class);
this.converter.addParametersConverter(parametersConverter2);
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
OAuth2AuthorizationExchange authorizationExchange = TestOAuth2AuthorizationExchanges.success();
OAuth2AuthorizationCodeGrantRequest authorizationCodeGrantRequest = new OAuth2AuthorizationCodeGrantRequest(clientRegistration, authorizationExchange);
this.converter.convert(authorizationCodeGrantRequest);
InOrder inOrder = inOrder(parametersConverter1, parametersConverter2);
inOrder.verify(parametersConverter1).convert(any(OAuth2AuthorizationCodeGrantRequest.class));
inOrder.verify(parametersConverter2).convert(any(OAuth2AuthorizationCodeGrantRequest.class));
}
use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.
the class OAuth2LoginAuthenticationProviderTests method setUp.
@BeforeEach
@SuppressWarnings("unchecked")
public void setUp() {
this.clientRegistration = TestClientRegistrations.clientRegistration().build();
this.authorizationRequest = TestOAuth2AuthorizationRequests.request().scope("scope1", "scope2").build();
this.authorizationResponse = TestOAuth2AuthorizationResponses.success().build();
this.authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, this.authorizationResponse);
this.accessTokenResponseClient = mock(OAuth2AccessTokenResponseClient.class);
this.userService = mock(OAuth2UserService.class);
this.authenticationProvider = new OAuth2LoginAuthenticationProvider(this.accessTokenResponseClient, this.userService);
}
use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.
the class OAuth2LoginAuthenticationProviderTests method authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException.
@Test
public void authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException() {
OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.error().errorCode(OAuth2ErrorCodes.INVALID_REQUEST).build();
OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse);
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange))).withMessageContaining(OAuth2ErrorCodes.INVALID_REQUEST);
}
use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.
the class OAuth2LoginAuthenticationProviderTests method authenticateWhenAuthorizationRequestContainsOpenidScopeThenReturnNull.
@Test
public void authenticateWhenAuthorizationRequestContainsOpenidScopeThenReturnNull() {
OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().scope("openid").build();
OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, this.authorizationResponse);
OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange));
assertThat(authentication).isNull();
}
Aggregations