Example 16 with OidcUser

Use of org.springframework.security.oauth2.core.oidc.user.OidcUser in project spring-security by spring-projects.

The class OidcUserServiceTests, method loadUserWhenNonStandardScopesAuthorizedAndAccessibleScopesEmptyThenUserInfoEndpointRequested.

// gh-6886
@Test
public void loadUserWhenNonStandardScopesAuthorizedAndAccessibleScopesEmptyThenUserInfoEndpointRequested() {
    // @formatter:off
    String userInfoResponse = "{\n"
            + "   \"sub\": \"subject1\",\n"
            + "   \"name\": \"first last\",\n"
            + "   \"given_name\": \"first\",\n"
            + "   \"family_name\": \"last\",\n"
            + "   \"preferred_username\": \"user1\",\n"
            + "   \"email\": \"user1@example.com\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
    // The access token carries only provider-specific scopes, none of the standard
    // OIDC scopes (profile, email, address, phone) that gate the UserInfo call by default.
    this.accessToken = TestOAuth2AccessTokens.scopes("scope1", "scope2");
    // An empty accessible-scope set disables the scope check, so UserInfo is still fetched.
    this.userService.setAccessibleScopes(Collections.emptySet());
    OidcUser user = this.userService.loadUser(new OidcUserRequest(clientRegistration, this.accessToken, this.idToken));
    assertThat(user.getUserInfo()).isNotNull();
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser) Test(org.junit.jupiter.api.Test)

Example 17 with OidcUser

Use of org.springframework.security.oauth2.core.oidc.user.OidcUser in project spring-security by spring-projects.

The class OidcUserServiceTests, method loadUserWhenUserInfoSuccessResponseThenReturnUser.

@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
    // @formatter:off
    String userInfoResponse = "{\n"
            + "   \"sub\": \"subject1\",\n"
            + "   \"name\": \"first last\",\n"
            + "   \"given_name\": \"first\",\n"
            + "   \"family_name\": \"last\",\n"
            + "   \"preferred_username\": \"user1\",\n"
            + "   \"email\": \"user1@example.com\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
    OidcUser user = this.userService.loadUser(new OidcUserRequest(clientRegistration, this.accessToken, this.idToken));
    // The returned principal carries both the ID Token and the UserInfo claims;
    // the subject must match the "sub" returned by the UserInfo endpoint.
    assertThat(user.getIdToken()).isNotNull();
    assertThat(user.getUserInfo()).isNotNull();
    assertThat(user.getUserInfo().getClaims().size()).isEqualTo(6);
    assertThat(user.getIdToken()).isEqualTo(this.idToken);
    assertThat(user.getName()).isEqualTo("subject1");
    assertThat(user.getUserInfo().getSubject()).isEqualTo("subject1");
    assertThat(user.getUserInfo().getFullName()).isEqualTo("first last");
    assertThat(user.getUserInfo().getGivenName()).isEqualTo("first");
    assertThat(user.getUserInfo().getFamilyName()).isEqualTo("last");
    assertThat(user.getUserInfo().getPreferredUsername()).isEqualTo("user1");
    assertThat(user.getUserInfo().getEmail()).isEqualTo("user1@example.com");
    // The first granted authority is the OidcUserAuthority, which wraps the same
    // ID Token and UserInfo so downstream authorization code can reach the claims.
    assertThat(user.getAuthorities().size()).isEqualTo(3);
    assertThat(user.getAuthorities().iterator().next()).isInstanceOf(OidcUserAuthority.class);
    OidcUserAuthority userAuthority = (OidcUserAuthority) user.getAuthorities().iterator().next();
    assertThat(userAuthority.getAuthority()).isEqualTo("ROLE_USER");
    assertThat(userAuthority.getIdToken()).isEqualTo(user.getIdToken());
    assertThat(userAuthority.getUserInfo()).isEqualTo(user.getUserInfo());
}
Also used : OidcUserAuthority(org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser) Test(org.junit.jupiter.api.Test)

Example 18 with OidcUser

Use of org.springframework.security.oauth2.core.oidc.user.OidcUser in project spring-security by spring-projects.

The class OidcUserServiceTests, method loadUserWhenNonStandardScopesAuthorizedThenUserInfoEndpointNotRequested.

@Test
public void loadUserWhenNonStandardScopesAuthorizedThenUserInfoEndpointNotRequested() {
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri("https://provider.com/user").build();
    // No standard OIDC scope (profile, email, address, phone) is authorized and the
    // default accessible scopes are left in place, so the UserInfo endpoint is skipped
    // and the user is built from the ID Token alone.
    this.accessToken = TestOAuth2AccessTokens.scopes("scope1", "scope2");
    OidcUser user = this.userService.loadUser(new OidcUserRequest(clientRegistration, this.accessToken, this.idToken));
    assertThat(user.getUserInfo()).isNull();
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser) Test(org.junit.jupiter.api.Test)

Example 19 with OidcUser

Use of org.springframework.security.oauth2.core.oidc.user.OidcUser in project spring-security by spring-projects.

The class OidcUserServiceTests, method loadUserWhenStandardScopesAuthorizedThenUserInfoEndpointRequested.

// gh-6886
@Test
public void loadUserWhenStandardScopesAuthorizedThenUserInfoEndpointRequested() {
    // @formatter:off
    String userInfoResponse = "{\n"
            + "   \"sub\": \"subject1\",\n"
            + "   \"name\": \"first last\",\n"
            + "   \"given_name\": \"first\",\n"
            + "   \"family_name\": \"last\",\n"
            + "   \"preferred_username\": \"user1\",\n"
            + "   \"email\": \"user1@example.com\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
    // The default access token from the test setup carries standard OIDC scopes,
    // which match the service's default accessible scopes, so UserInfo is requested.
    OidcUser user = this.userService.loadUser(new OidcUserRequest(clientRegistration, this.accessToken, this.idToken));
    assertThat(user.getUserInfo()).isNotNull();
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser) Test(org.junit.jupiter.api.Test)

Example 20 with OidcUser

Use of org.springframework.security.oauth2.core.oidc.user.OidcUser in project spring-security by spring-projects.

The class OidcUserServiceTests, method loadUserWhenNonStandardScopesAuthorizedAndAccessibleScopesMatchThenUserInfoEndpointRequested.

// gh-6886
@Test
public void loadUserWhenNonStandardScopesAuthorizedAndAccessibleScopesMatchThenUserInfoEndpointRequested() {
    // @formatter:off
    String userInfoResponse = "{\n"
            + "   \"sub\": \"subject1\",\n"
            + "   \"name\": \"first last\",\n"
            + "   \"given_name\": \"first\",\n"
            + "   \"family_name\": \"last\",\n"
            + "   \"preferred_username\": \"user1\",\n"
            + "   \"email\": \"user1@example.com\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
    this.accessToken = TestOAuth2AccessTokens.scopes("scope1", "scope2");
    // Configuring a provider-specific accessible scope that the token actually holds
    // ("scope2") is enough for the service to call the UserInfo endpoint.
    this.userService.setAccessibleScopes(Collections.singleton("scope2"));
    OidcUser user = this.userService.loadUser(new OidcUserRequest(clientRegistration, this.accessToken, this.idToken));
    assertThat(user.getUserInfo()).isNotNull();
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser) Test(org.junit.jupiter.api.Test)
