Example 51 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

The class OAuth2LoginConfigurerTests, method oauth2LoginCustomWithBeanRegistration.

@Test
public void oauth2LoginCustomWithBeanRegistration() throws Exception {
    // setup application context
    loadConfig(OAuth2LoginConfigCustomWithBeanRegistration.class);
    // setup authorization request
    OAuth2AuthorizationRequest authorizationRequest = createOAuth2AuthorizationRequest();
    this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, this.request, this.response);
    // setup authentication parameters
    this.request.setParameter("code", "code123");
    this.request.setParameter("state", authorizationRequest.getState());
    // perform test
    this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
    // assertions
    Authentication authentication = this.securityContextRepository.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
    assertThat(authentication.getAuthorities()).hasSize(2);
    assertThat(authentication.getAuthorities()).first().hasToString("ROLE_USER");
    assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OAUTH2_USER");
}
Also used: HttpRequestResponseHolder (org.springframework.security.web.context.HttpRequestResponseHolder), Authentication (org.springframework.security.core.Authentication), OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest), Test (org.junit.jupiter.api.Test)

Example 52 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

The class OAuth2LoginConfigurerTests, method requestWhenOauth2LoginInLambdaThenAuthenticationContainsOauth2UserAuthority.

@Test
public void requestWhenOauth2LoginInLambdaThenAuthenticationContainsOauth2UserAuthority() throws Exception {
    // setup application context
    loadConfig(OAuth2LoginInLambdaConfig.class);
    // setup authorization request and save it so the callback's state can be matched
    OAuth2AuthorizationRequest authorizationRequest = createOAuth2AuthorizationRequest();
    this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, this.request, this.response);
    // setup authentication parameters (the authorization response callback)
    this.request.setParameter("code", "code123");
    this.request.setParameter("state", authorizationRequest.getState());
    // perform test
    this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
    // assertions: a single OAuth2UserAuthority that renders as ROLE_USER
    Authentication authentication = this.securityContextRepository.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
    assertThat(authentication.getAuthorities()).hasSize(1);
    assertThat(authentication.getAuthorities()).first().isInstanceOf(OAuth2UserAuthority.class).hasToString("ROLE_USER");
}
Also used: HttpRequestResponseHolder (org.springframework.security.web.context.HttpRequestResponseHolder), Authentication (org.springframework.security.core.Authentication), OAuth2UserAuthority (org.springframework.security.oauth2.core.user.OAuth2UserAuthority), OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest), Test (org.junit.jupiter.api.Test)

Example 53 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

The class HttpSessionOAuth2AuthorizationRequestRepositoryAllowMultipleAuthorizationRequestsTests, method loadAuthorizationRequestWhenSavedWithAllowMultipleAuthorizationRequests.

@Test
public void loadAuthorizationRequestWhenSavedWithAllowMultipleAuthorizationRequests() {
    // save 2 requests with the legacy repository
    // (allowMultipleAuthorizationRequests=true), then load with the new one
    HttpSessionOAuth2AuthorizationRequestRepository legacy = new HttpSessionOAuth2AuthorizationRequestRepository();
    legacy.setAllowMultipleAuthorizationRequests(true);
    // both repositories share the same mock request
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    String state1 = "state-1122";
    OAuth2AuthorizationRequest authorizationRequest1 = createAuthorizationRequest().state(state1).build();
    legacy.saveAuthorizationRequest(authorizationRequest1, request, response);
    String state2 = "state-3344";
    OAuth2AuthorizationRequest authorizationRequest2 = createAuthorizationRequest().state(state2).build();
    legacy.saveAuthorizationRequest(authorizationRequest2, request, response);
    // the callback carries state1, so the request saved for state1 must be returned
    request.setParameter(OAuth2ParameterNames.STATE, state1);
    OAuth2AuthorizationRequest loaded = this.authorizationRequestRepository.loadAuthorizationRequest(request);
    assertThat(loaded).isEqualTo(authorizationRequest1);
}
Also used: MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), Test (org.junit.jupiter.api.Test)

Example 54 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

The class OAuth2AuthorizationRequestRedirectFilterTests, method doFilterWhenAuthorizationRequestImplicitGrantThenAuthorizationRequestNotSaved.

@Test
public void doFilterWhenAuthorizationRequestImplicitGrantThenAuthorizationRequestNotSaved() throws Exception {
    // authorization request URI for registration3 (the implicit grant registration, per the test name)
    String requestUri = OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + this.registration3.getRegistrationId();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
    request.setServletPath(requestUri);
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain filterChain = mock(FilterChain.class);
    // mock the repository so that any save call can be detected
    AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = mock(AuthorizationRequestRepository.class);
    this.filter.setAuthorizationRequestRepository(authorizationRequestRepository);
    // perform test
    this.filter.doFilter(request, response, filterChain);
    // assertions: the chain is not invoked and the authorization request is never saved
    verifyZeroInteractions(filterChain);
    verify(authorizationRequestRepository, times(0)).saveAuthorizationRequest(any(OAuth2AuthorizationRequest.class), any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used: HttpServletRequest (jakarta.servlet.http.HttpServletRequest), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), FilterChain (jakarta.servlet.FilterChain), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), HttpServletResponse (jakarta.servlet.http.HttpServletResponse), OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest), Test (org.junit.jupiter.api.Test)

Example 55 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

The class HttpSessionOAuth2AuthorizationRequestRepositoryAllowMultipleAuthorizationRequestsTests, method saveAuthorizationRequestWhenSavedWithAllowMultipleAuthorizationRequests.

@Test
public void saveAuthorizationRequestWhenSavedWithAllowMultipleAuthorizationRequests() {
    // save 2 requests with the legacy repository
    // (allowMultipleAuthorizationRequests=true), then save and load with the new one
    HttpSessionOAuth2AuthorizationRequestRepository legacy = new HttpSessionOAuth2AuthorizationRequestRepository();
    legacy.setAllowMultipleAuthorizationRequests(true);
    // both repositories share the same mock request
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    String state1 = "state-1122";
    OAuth2AuthorizationRequest authorizationRequest1 = createAuthorizationRequest().state(state1).build();
    legacy.saveAuthorizationRequest(authorizationRequest1, request, response);
    String state2 = "state-3344";
    OAuth2AuthorizationRequest authorizationRequest2 = createAuthorizationRequest().state(state2).build();
    legacy.saveAuthorizationRequest(authorizationRequest2, request, response);
    // third request is saved through the repository under test
    String state3 = "state-5566";
    OAuth2AuthorizationRequest authorizationRequest3 = createAuthorizationRequest().state(state3).build();
    this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest3, request, response);
    // the callback carries state3, so the request saved for state3 must be returned
    request.setParameter(OAuth2ParameterNames.STATE, state3);
    OAuth2AuthorizationRequest loaded = this.authorizationRequestRepository.loadAuthorizationRequest(request);
    assertThat(loaded).isEqualTo(authorizationRequest3);
}
Also used: MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), Test (org.junit.jupiter.api.Test)

Aggregations

OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest): 137
Test (org.junit.jupiter.api.Test): 112
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration): 52
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 49
HashMap (java.util.HashMap): 26
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 25
OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse): 24
OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange): 22
Authentication (org.springframework.security.core.Authentication): 19
MockServerHttpRequest (org.springframework.mock.http.server.reactive.MockServerHttpRequest): 18
OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse): 17
ServerWebExchange (org.springframework.web.server.ServerWebExchange): 13
OAuth2ParameterNames (org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames): 12
MockServerWebExchange (org.springframework.mock.web.server.MockServerWebExchange): 11
OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error): 11
BeforeEach (org.junit.jupiter.api.BeforeEach): 10
HttpRequestResponseHolder (org.springframework.security.web.context.HttpRequestResponseHolder): 10
LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap): 10
Map (java.util.Map): 9
Mono (reactor.core.publisher.Mono): 9