Search in sources :

Example 11 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantRequestEntityConverterTests method convertWhenPkceGrantRequestValidThenConverts.

@SuppressWarnings("unchecked")
@Test
public void convertWhenPkceGrantRequestValidThenConverts() {
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().clientAuthenticationMethod(null).clientSecret(null).build();
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(PkceParameterNames.CODE_VERIFIER, "code-verifier-1234");
    Map<String, Object> additionalParameters = new HashMap<>();
    additionalParameters.put(PkceParameterNames.CODE_CHALLENGE, "code-challenge-1234");
    additionalParameters.put(PkceParameterNames.CODE_CHALLENGE_METHOD, "S256");
    OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().attributes(attributes).additionalParameters(additionalParameters).build();
    OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.success().build();
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
    OAuth2AuthorizationCodeGrantRequest authorizationCodeGrantRequest = new OAuth2AuthorizationCodeGrantRequest(clientRegistration, authorizationExchange);
    RequestEntity<?> requestEntity = this.converter.convert(authorizationCodeGrantRequest);
    assertThat(requestEntity.getMethod()).isEqualTo(HttpMethod.POST);
    assertThat(requestEntity.getUrl().toASCIIString()).isEqualTo(clientRegistration.getProviderDetails().getTokenUri());
    HttpHeaders headers = requestEntity.getHeaders();
    assertThat(headers.getAccept()).contains(MediaType.APPLICATION_JSON_UTF8);
    assertThat(headers.getContentType()).isEqualTo(MediaType.valueOf(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"));
    assertThat(headers.getFirst(HttpHeaders.AUTHORIZATION)).isNull();
    MultiValueMap<String, String> formParameters = (MultiValueMap<String, String>) requestEntity.getBody();
    assertThat(formParameters.getFirst(OAuth2ParameterNames.GRANT_TYPE)).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE.getValue());
    assertThat(formParameters.getFirst(OAuth2ParameterNames.CODE)).isEqualTo(authorizationResponse.getCode());
    assertThat(formParameters.getFirst(OAuth2ParameterNames.REDIRECT_URI)).isEqualTo(authorizationRequest.getRedirectUri());
    assertThat(formParameters.getFirst(OAuth2ParameterNames.CLIENT_ID)).isEqualTo(authorizationRequest.getClientId());
    assertThat(formParameters.getFirst(PkceParameterNames.CODE_VERIFIER)).isEqualTo(authorizationRequest.getAttribute(PkceParameterNames.CODE_VERIFIER));
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HashMap(java.util.HashMap) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) MultiValueMap(org.springframework.util.MultiValueMap) Test(org.junit.jupiter.api.Test)

Example 12 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class OAuth2AuthorizationCodeGrantRequestEntityConverterTests method convertWhenParametersConverterSetThenCalled.

@Test
public void convertWhenParametersConverterSetThenCalled() {
    Converter<OAuth2AuthorizationCodeGrantRequest, MultiValueMap<String, String>> parametersConverter1 = mock(Converter.class);
    this.converter.setParametersConverter(parametersConverter1);
    Converter<OAuth2AuthorizationCodeGrantRequest, MultiValueMap<String, String>> parametersConverter2 = mock(Converter.class);
    this.converter.addParametersConverter(parametersConverter2);
    ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
    OAuth2AuthorizationExchange authorizationExchange = TestOAuth2AuthorizationExchanges.success();
    OAuth2AuthorizationCodeGrantRequest authorizationCodeGrantRequest = new OAuth2AuthorizationCodeGrantRequest(clientRegistration, authorizationExchange);
    this.converter.convert(authorizationCodeGrantRequest);
    InOrder inOrder = inOrder(parametersConverter1, parametersConverter2);
    inOrder.verify(parametersConverter1).convert(any(OAuth2AuthorizationCodeGrantRequest.class));
    inOrder.verify(parametersConverter2).convert(any(OAuth2AuthorizationCodeGrantRequest.class));
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) InOrder(org.mockito.InOrder) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) MultiValueMap(org.springframework.util.MultiValueMap) Test(org.junit.jupiter.api.Test)

Example 13 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class OAuth2LoginAuthenticationProviderTests method setUp.

@BeforeEach
@SuppressWarnings("unchecked")
public void setUp() {
    this.clientRegistration = TestClientRegistrations.clientRegistration().build();
    this.authorizationRequest = TestOAuth2AuthorizationRequests.request().scope("scope1", "scope2").build();
    this.authorizationResponse = TestOAuth2AuthorizationResponses.success().build();
    this.authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, this.authorizationResponse);
    this.accessTokenResponseClient = mock(OAuth2AccessTokenResponseClient.class);
    this.userService = mock(OAuth2UserService.class);
    this.authenticationProvider = new OAuth2LoginAuthenticationProvider(this.accessTokenResponseClient, this.userService);
}
Also used : OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2UserService(org.springframework.security.oauth2.client.userinfo.OAuth2UserService) OAuth2AccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 14 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class OAuth2LoginAuthenticationProviderTests method authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException() {
    OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.error().errorCode(OAuth2ErrorCodes.INVALID_REQUEST).build();
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse);
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange))).withMessageContaining(OAuth2ErrorCodes.INVALID_REQUEST);
}
Also used : OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) Test(org.junit.jupiter.api.Test)

Example 15 with OAuth2AuthorizationExchange

use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

the class OAuth2LoginAuthenticationProviderTests method authenticateWhenAuthorizationRequestContainsOpenidScopeThenReturnNull.

@Test
public void authenticateWhenAuthorizationRequestContainsOpenidScopeThenReturnNull() {
    OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().scope("openid").build();
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, this.authorizationResponse);
    OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange));
    assertThat(authentication).isNull();
}
Also used : OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Aggregations

OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange)44 OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse)26 Test (org.junit.jupiter.api.Test)24 OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)23 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)19 OAuth2AuthorizationCodeAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken)10 HashMap (java.util.HashMap)9 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)9 OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken)8 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)8 OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error)7 ServerAuthenticationConverter (org.springframework.security.web.server.authentication.ServerAuthenticationConverter)7 WebTestClient (org.springframework.test.web.reactive.server.WebTestClient)7 BeforeEach (org.junit.jupiter.api.BeforeEach)5 HttpHeaders (org.springframework.http.HttpHeaders)5 OAuth2AuthorizationCodeGrantRequest (org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest)5 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)4 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)4 BDDMockito.given (org.mockito.BDDMockito.given)4 Mockito.mock (org.mockito.Mockito.mock)4