Examples with OAuth2User org.springframework.security.oauth2.core.user.OAuth2User used on opensource projects

Example 11 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenTokenContainsScopesThenIndividualScopeAuthorities.

@Test
public void loadUserWhenTokenContainsScopesThenIndividualScopeAuthorities() {
    Map<String, Object> body = new HashMap<>();
    body.put("id", "id");
    DefaultOAuth2UserService userService = withMockResponse(body);
    OAuth2UserRequest request = new OAuth2UserRequest(TestClientRegistrations.clientRegistration().build(), TestOAuth2AccessTokens.scopes("message:read", "message:write"));
    OAuth2User user = userService.loadUser(request);
    assertThat(user.getAuthorities()).hasSize(3);
    Iterator<? extends GrantedAuthority> authorities = user.getAuthorities().iterator();
    assertThat(authorities.next()).isInstanceOf(OAuth2UserAuthority.class);
    assertThat(authorities.next()).isEqualTo(new SimpleGrantedAuthority("SCOPE_message:read"));
    assertThat(authorities.next()).isEqualTo(new SimpleGrantedAuthority("SCOPE_message:write"));
}

Example 12 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenTokenDoesNotContainScopesThenNoScopeAuthorities.

@Test
public void loadUserWhenTokenDoesNotContainScopesThenNoScopeAuthorities() {
    Map<String, Object> body = new HashMap<>();
    body.put("id", "id");
    DefaultOAuth2UserService userService = withMockResponse(body);
    OAuth2UserRequest request = new OAuth2UserRequest(TestClientRegistrations.clientRegistration().build(), TestOAuth2AccessTokens.noScopes());
    OAuth2User user = userService.loadUser(request);
    assertThat(user.getAuthorities()).hasSize(1);
    Iterator<? extends GrantedAuthority> authorities = user.getAuthorities().iterator();
    assertThat(authorities.next()).isInstanceOf(OAuth2UserAuthority.class);
}

Example 13 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class DefaultOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseThenReturnUser.

@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
    // @formatter:off
    String userInfoResponse = "{\n" + "   \"user-name\": \"user1\",\n" + "   \"first-name\": \"first\",\n" + "   \"last-name\": \"last\",\n" + "   \"middle-name\": \"middle\",\n" + "   \"address\": \"address\",\n" + "   \"email\": \"user1@example.com\"\n" + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoResponse));
    String userInfoUri = this.server.url("/user").toString();
    ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).userInfoAuthenticationMethod(AuthenticationMethod.HEADER).userNameAttributeName("user-name").build();
    OAuth2User user = this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken));
    assertThat(user.getName()).isEqualTo("user1");
    assertThat(user.getAttributes().size()).isEqualTo(6);
    assertThat((String) user.getAttribute("user-name")).isEqualTo("user1");
    assertThat((String) user.getAttribute("first-name")).isEqualTo("first");
    assertThat((String) user.getAttribute("last-name")).isEqualTo("last");
    assertThat((String) user.getAttribute("middle-name")).isEqualTo("middle");
    assertThat((String) user.getAttribute("address")).isEqualTo("address");
    assertThat((String) user.getAttribute("email")).isEqualTo("user1@example.com");
    assertThat(user.getAuthorities().size()).isEqualTo(1);
    assertThat(user.getAuthorities().iterator().next()).isInstanceOf(OAuth2UserAuthority.class);
    OAuth2UserAuthority userAuthority = (OAuth2UserAuthority) user.getAuthorities().iterator().next();
    assertThat(userAuthority.getAuthority()).isEqualTo("ROLE_USER");
    assertThat(userAuthority.getAttributes()).isEqualTo(user.getAttributes());
}

Example 14 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class OidcReactiveOAuth2UserServiceTests method loadUserWhenOAuth2UserSubjectNullThenOAuth2AuthenticationException.

@Test
public void loadUserWhenOAuth2UserSubjectNullThenOAuth2AuthenticationException() {
    OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), Collections.singletonMap("user", "rob"), "user");
    given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User));
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.userService.loadUser(userRequest()).block());
}

Example 15 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class OidcReactiveOAuth2UserServiceTests method loadUserWhenOAuth2UserAndUser.

@Test
public void loadUserWhenOAuth2UserAndUser() {
    this.registration.userNameAttributeName("user");
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(StandardClaimNames.SUB, "subject");
    attributes.put("user", "rob");
    OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), attributes, "user");
    given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User));
    assertThat(this.userService.loadUser(userRequest()).block().getName()).isEqualTo("rob");
}