use of org.springframework.security.oauth2.core.user.DefaultOAuth2User in project spring-security by spring-projects.
the class OAuth2LoginAuthenticationWebFilterTests method loginToken.
private OAuth2LoginAuthenticationToken loginToken() {
OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "token", Instant.now(), Instant.now().plus(Duration.ofDays(1)), Collections.singleton("user"));
DefaultOAuth2User user = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), Collections.singletonMap("user", "rob"), "user");
ClientRegistration clientRegistration = this.registration.build();
// @formatter:off
OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode().state("state").clientId(clientRegistration.getClientId()).authorizationUri(clientRegistration.getProviderDetails().getAuthorizationUri()).redirectUri(clientRegistration.getRedirectUri()).scopes(clientRegistration.getScopes()).build();
OAuth2AuthorizationResponse authorizationResponse = this.authorizationResponseBldr.redirectUri(clientRegistration.getRedirectUri()).build();
// @formatter:on
OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
return new OAuth2LoginAuthenticationToken(clientRegistration, authorizationExchange, user, user.getAuthorities(), accessToken);
}
use of org.springframework.security.oauth2.core.user.DefaultOAuth2User in project spring-security by spring-projects.
the class SecurityMockServerConfigurersOAuth2LoginTests method oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence.
@Test
public void oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence() throws Exception {
OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("SCOPE_read"), Collections.singletonMap("sub", "subject"), "sub");
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().attributes((a) -> a.put("subject", "foo")).oauth2User(oauth2User)).get().uri("/token").exchange().expectStatus().isOk();
OAuth2AuthenticationToken token = this.controller.token;
assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "subject");
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oauth2User).attributes((a) -> a.put("sub", "bar"))).get().uri("/token").exchange().expectStatus().isOk();
token = this.controller.token;
assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "bar");
}
use of org.springframework.security.oauth2.core.user.DefaultOAuth2User in project spring-security by spring-projects.
the class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests method oauth2LoginWhenNameSpecifiedThenUserHasName.
@Test
public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception {
OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"), Collections.singletonMap("custom-attribute", "test-subject"), "custom-attribute");
this.mvc.perform(get("/attributes/custom-attribute").with(oauth2Login().oauth2User(oauth2User))).andExpect(content().string("test-subject"));
this.mvc.perform(get("/name").with(oauth2Login().oauth2User(oauth2User))).andExpect(content().string("test-subject"));
this.mvc.perform(get("/client-name").with(oauth2Login().oauth2User(oauth2User))).andExpect(content().string("test-subject"));
}
use of org.springframework.security.oauth2.core.user.DefaultOAuth2User in project spring-security by spring-projects.
the class OidcReactiveOAuth2UserServiceTests method loadUserWhenOAuth2UserSubjectNullThenOAuth2AuthenticationException.
@Test
public void loadUserWhenOAuth2UserSubjectNullThenOAuth2AuthenticationException() {
OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), Collections.singletonMap("user", "rob"), "user");
given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User));
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(userRequest()).block());
}
use of org.springframework.security.oauth2.core.user.DefaultOAuth2User in project spring-security by spring-projects.
the class OidcReactiveOAuth2UserServiceTests method loadUserWhenOAuth2UserAndUser.
@Test
public void loadUserWhenOAuth2UserAndUser() {
this.registration.userNameAttributeName("user");
Map<String, Object> attributes = new HashMap<>();
attributes.put(StandardClaimNames.SUB, "subject");
attributes.put("user", "rob");
OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), attributes, "user");
given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User));
assertThat(this.userService.loadUser(userRequest()).block().getName()).isEqualTo("rob");
}
Aggregations