
Example 81 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

Class OAuth2LoginConfigurerTests, method oauth2LoginWhenSuccessThenAuthenticationSuccessEventPublished.

// gh-6009
@Test
public void oauth2LoginWhenSuccessThenAuthenticationSuccessEventPublished() throws Exception {
    // setup application context
    loadConfig(OAuth2LoginConfig.class);
    // setup authorization request
    OAuth2AuthorizationRequest authorizationRequest = createOAuth2AuthorizationRequest();
    this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, this.request, this.response);
    // setup authentication parameters
    this.request.setParameter("code", "code123");
    this.request.setParameter("state", authorizationRequest.getState());
    // perform test
    this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
    // assertions
    assertThat(OAuth2LoginConfig.EVENTS).isNotEmpty();
    assertThat(OAuth2LoginConfig.EVENTS).hasSize(1);
    assertThat(OAuth2LoginConfig.EVENTS.get(0)).isInstanceOf(AuthenticationSuccessEvent.class);
}
Also used : OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 82 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

Class OAuth2LoginConfigurerTests, method oidcLoginCustomWithConfigurer.

@Test
public void oidcLoginCustomWithConfigurer() throws Exception {
    // setup application context
    loadConfig(OAuth2LoginConfigCustomWithConfigurer.class, JwtDecoderFactoryConfig.class);
    // setup authorization request
    OAuth2AuthorizationRequest authorizationRequest = createOAuth2AuthorizationRequest("openid");
    this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, this.request, this.response);
    // setup authentication parameters
    this.request.setParameter("code", "code123");
    this.request.setParameter("state", authorizationRequest.getState());
    // perform test
    this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
    // assertions
    Authentication authentication = this.securityContextRepository.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
    assertThat(authentication.getAuthorities()).hasSize(2);
    assertThat(authentication.getAuthorities()).first().hasToString("ROLE_USER");
    assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OIDC_USER");
}
Also used : HttpRequestResponseHolder(org.springframework.security.web.context.HttpRequestResponseHolder) Authentication(org.springframework.security.core.Authentication) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 83 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

Class OAuth2LoginConfigurerTests, method requestWhenOauth2LoginInLambdaAndOidcThenAuthenticationContainsOidcUserAuthority.

@Test
public void requestWhenOauth2LoginInLambdaAndOidcThenAuthenticationContainsOidcUserAuthority() throws Exception {
    // setup application context
    loadConfig(OAuth2LoginInLambdaConfig.class, JwtDecoderFactoryConfig.class);
    // setup authorization request
    OAuth2AuthorizationRequest authorizationRequest = createOAuth2AuthorizationRequest("openid");
    this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, this.request, this.response);
    // setup authentication parameters
    this.request.setParameter("code", "code123");
    this.request.setParameter("state", authorizationRequest.getState());
    // perform test
    this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
    // assertions
    Authentication authentication = this.securityContextRepository.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
    assertThat(authentication.getAuthorities()).hasSize(1);
    assertThat(authentication.getAuthorities()).first().isInstanceOf(OidcUserAuthority.class).hasToString("ROLE_USER");
}
Also used : HttpRequestResponseHolder(org.springframework.security.web.context.HttpRequestResponseHolder) OidcUserAuthority(org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority) Authentication(org.springframework.security.core.Authentication) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 84 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

Class OAuth2ClientConfigurerTests, method configureWhenRequestCacheProvidedAndClientAuthorizationSucceedsThenRequestCacheUsed.

@Test
public void configureWhenRequestCacheProvidedAndClientAuthorizationSucceedsThenRequestCacheUsed() throws Exception {
    this.spring.register(OAuth2ClientConfig.class).autowire();
    // Setup the Authorization Request in the session
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(OAuth2ParameterNames.REGISTRATION_ID, this.registration1.getRegistrationId());
    // @formatter:off
    OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
            .authorizationUri(this.registration1.getProviderDetails().getAuthorizationUri())
            .clientId(this.registration1.getClientId())
            .redirectUri("http://localhost/client-1")
            .state("state")
            .attributes(attributes)
            .build();
    // @formatter:on
    AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = new HttpSessionOAuth2AuthorizationRequestRepository();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
    MockHttpServletResponse response = new MockHttpServletResponse();
    authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, request, response);
    MockHttpSession session = (MockHttpSession) request.getSession();
    String principalName = "user1";
    TestingAuthenticationToken authentication = new TestingAuthenticationToken(principalName, "password");
    // @formatter:off
    MockHttpServletRequestBuilder clientRequest = get("/client-1")
            .param(OAuth2ParameterNames.CODE, "code")
            .param(OAuth2ParameterNames.STATE, "state")
            .with(authentication(authentication))
            .session(session);
    this.mockMvc.perform(clientRequest)
            .andExpect(status().is3xxRedirection())
            .andExpect(redirectedUrl("http://localhost/client-1"));
    // @formatter:on
    verify(requestCache).getRequest(any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used : HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) HttpSessionOAuth2AuthorizationRequestRepository(org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpSession(org.springframework.mock.web.MockHttpSession) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.jupiter.api.Test)

Example 85 with OAuth2AuthorizationRequest

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest in project spring-security by spring-projects.

Class OAuth2ClientConfigurerTests, method configureWhenAuthorizationCodeResponseSuccessThenAuthorizedClientSaved.

@Test
public void configureWhenAuthorizationCodeResponseSuccessThenAuthorizedClientSaved() throws Exception {
    this.spring.register(OAuth2ClientConfig.class).autowire();
    // Setup the Authorization Request in the session
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(OAuth2ParameterNames.REGISTRATION_ID, this.registration1.getRegistrationId());
    // @formatter:off
    OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
            .authorizationUri(this.registration1.getProviderDetails().getAuthorizationUri())
            .clientId(this.registration1.getClientId())
            .redirectUri("http://localhost/client-1")
            .state("state")
            .attributes(attributes)
            .build();
    // @formatter:on
    AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = new HttpSessionOAuth2AuthorizationRequestRepository();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
    MockHttpServletResponse response = new MockHttpServletResponse();
    authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, request, response);
    MockHttpSession session = (MockHttpSession) request.getSession();
    String principalName = "user1";
    TestingAuthenticationToken authentication = new TestingAuthenticationToken(principalName, "password");
    // @formatter:off
    MockHttpServletRequestBuilder clientRequest = get("/client-1")
            .param(OAuth2ParameterNames.CODE, "code")
            .param(OAuth2ParameterNames.STATE, "state")
            .with(authentication(authentication))
            .session(session);
    this.mockMvc.perform(clientRequest)
            .andExpect(status().is3xxRedirection())
            .andExpect(redirectedUrl("http://localhost/client-1"));
    // @formatter:on
    OAuth2AuthorizedClient authorizedClient = authorizedClientRepository.loadAuthorizedClient(this.registration1.getRegistrationId(), authentication, request);
    assertThat(authorizedClient).isNotNull();
}
Also used : HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) HttpSessionOAuth2AuthorizationRequestRepository(org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository) MockHttpSession(org.springframework.mock.web.MockHttpSession) RegisteredOAuth2AuthorizedClient(org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)
