
Example 16 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class OAuth2LoginAuthenticationProviderTests method authenticateWhenLoginSuccessThenReturnAuthentication.

/**
 * Checks the success path of the OAuth 2.0 login provider. With the token response client
 * and the user service both stubbed to succeed, {@code authenticate} must return an
 * authenticated {@code OAuth2LoginAuthenticationToken} that carries the stubbed principal
 * and its authorities, the client registration and authorization exchange of the request,
 * and the access and refresh tokens from the token response.
 */
@Test
public void authenticateWhenLoginSuccessThenReturnAuthentication() {
    // Token endpoint: any grant request is answered with the fixture's success response.
    OAuth2AccessTokenResponse tokenResponse = this.accessTokenSuccessResponse();
    given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(tokenResponse);

    // User service: any user request resolves to a mock principal holding ROLE_USER.
    List<GrantedAuthority> expectedAuthorities = AuthorityUtils.createAuthorityList("ROLE_USER");
    OAuth2User mockUser = mock(OAuth2User.class);
    given(mockUser.getAuthorities())
            .willAnswer((Answer<List<GrantedAuthority>>) (invocation) -> expectedAuthorities);
    given(this.userService.loadUser(any())).willReturn(mockUser);

    OAuth2LoginAuthenticationToken loginRequest = new OAuth2LoginAuthenticationToken(
            this.clientRegistration, this.authorizationExchange);
    OAuth2LoginAuthenticationToken result =
            (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate(loginRequest);

    assertThat(result.isAuthenticated()).isTrue();
    assertThat(result.getPrincipal()).isEqualTo(mockUser);
    // The authenticated token is expected to expose an empty string as its credentials.
    assertThat(result.getCredentials()).isEqualTo("");
    assertThat(result.getAuthorities()).isEqualTo(expectedAuthorities);
    // The registration and exchange on the result must be the ones the request was built with.
    assertThat(result.getClientRegistration()).isEqualTo(this.clientRegistration);
    assertThat(result.getAuthorizationExchange()).isEqualTo(this.authorizationExchange);
    assertThat(result.getAccessToken()).isEqualTo(tokenResponse.getAccessToken());
    assertThat(result.getRefreshToken()).isEqualTo(tokenResponse.getRefreshToken());
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) Arrays(java.util.Arrays) OAuth2UserRequest(org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) TestOAuth2AuthorizationRequests(org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationRequests) HashMap(java.util.HashMap) Answer(org.mockito.stubbing.Answer) ArgumentCaptor(org.mockito.ArgumentCaptor) BDDMockito.given(org.mockito.BDDMockito.given) Map(java.util.Map) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) LinkedHashSet(java.util.LinkedHashSet) TestClientRegistrations(org.springframework.security.oauth2.client.registration.TestClientRegistrations) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Set(java.util.Set) Instant(java.time.Instant) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test) OAuth2AccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient) 
OAuth2AuthorizationCodeGrantRequest(org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest) ArgumentMatchers.anyCollection(org.mockito.ArgumentMatchers.anyCollection) List(java.util.List) GrantedAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper) OAuth2UserService(org.springframework.security.oauth2.client.userinfo.OAuth2UserService) OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) TestOAuth2AuthorizationResponses(org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationResponses) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) Mockito.mock(org.mockito.Mockito.mock) OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) GrantedAuthority(org.springframework.security.core.GrantedAuthority) List(java.util.List) Test(org.junit.jupiter.api.Test)

Example 17 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class OAuth2LoginAuthenticationProviderTests method authenticateWhenAuthoritiesMapperSetThenReturnMappedAuthorities.

/**
 * Checks that a configured {@code GrantedAuthoritiesMapper} decides the authorities on the
 * authenticated token. The user service supplies a principal with {@code ROLE_USER}, the
 * mapper is stubbed to return {@code ROLE_OAUTH2_USER} for any input, and the resulting
 * token must carry the mapped list rather than the principal's own.
 */
@Test
public void authenticateWhenAuthoritiesMapperSetThenReturnMappedAuthorities() {
    OAuth2AccessTokenResponse tokenResponse = this.accessTokenSuccessResponse();
    given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(tokenResponse);

    // Authorities as reported by the user service, before any mapping.
    List<GrantedAuthority> userAuthorities = AuthorityUtils.createAuthorityList("ROLE_USER");
    OAuth2User mockUser = mock(OAuth2User.class);
    given(mockUser.getAuthorities())
            .willAnswer((Answer<List<GrantedAuthority>>) (invocation) -> userAuthorities);
    given(this.userService.loadUser(any())).willReturn(mockUser);

    // Mapper stub: whatever collection it receives, it answers with ROLE_OAUTH2_USER.
    List<GrantedAuthority> mappedAuthorities = AuthorityUtils.createAuthorityList("ROLE_OAUTH2_USER");
    GrantedAuthoritiesMapper mapper = mock(GrantedAuthoritiesMapper.class);
    given(mapper.mapAuthorities(anyCollection()))
            .willAnswer((Answer<List<GrantedAuthority>>) (invocation) -> mappedAuthorities);
    this.authenticationProvider.setAuthoritiesMapper(mapper);

    OAuth2LoginAuthenticationToken loginRequest = new OAuth2LoginAuthenticationToken(
            this.clientRegistration, this.authorizationExchange);
    OAuth2LoginAuthenticationToken result =
            (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate(loginRequest);

    // Only the mapper's output may appear on the token; ROLE_USER would fail this check.
    assertThat(result.getAuthorities()).isEqualTo(mappedAuthorities);
}
Also used : OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) Arrays(java.util.Arrays) OAuth2UserRequest(org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) TestOAuth2AuthorizationRequests(org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationRequests) HashMap(java.util.HashMap) Answer(org.mockito.stubbing.Answer) ArgumentCaptor(org.mockito.ArgumentCaptor) BDDMockito.given(org.mockito.BDDMockito.given) Map(java.util.Map) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) LinkedHashSet(java.util.LinkedHashSet) TestClientRegistrations(org.springframework.security.oauth2.client.registration.TestClientRegistrations) OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse) OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Set(java.util.Set) Instant(java.time.Instant) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) OAuth2AccessTokenResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test) OAuth2AccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient) 
OAuth2AuthorizationCodeGrantRequest(org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest) ArgumentMatchers.anyCollection(org.mockito.ArgumentMatchers.anyCollection) List(java.util.List) GrantedAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper) OAuth2UserService(org.springframework.security.oauth2.client.userinfo.OAuth2UserService) OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) TestOAuth2AuthorizationResponses(org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationResponses) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) Mockito.mock(org.mockito.Mockito.mock) OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) GrantedAuthority(org.springframework.security.core.GrantedAuthority) List(java.util.List) GrantedAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper) Test(org.junit.jupiter.api.Test)

Example 18 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class CustomUserTypesOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseThenReturnUser.

/**
 * Checks that a successful UserInfo response is turned into an {@code OAuth2User}: the
 * mock server returns a four-field JSON document, and the loaded user must expose each
 * field as an attribute, report "first last" as its name, and hold exactly one authority,
 * {@code ROLE_USER}.
 */
@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
    // @formatter:off
    String userInfoJson = "{\n"
            + "   \"id\": \"12345\",\n"
            + "   \"name\": \"first last\",\n"
            + "   \"login\": \"user1\",\n"
            + "   \"email\": \"user1@example.com\"\n"
            + "}\n";
    // @formatter:on
    this.server.enqueue(jsonResponse(userInfoJson));

    // Point the registration's UserInfo endpoint at the mock server.
    ClientRegistration registration = this.clientRegistrationBuilder
            .userInfoUri(this.server.url("/user").toString())
            .build();
    OAuth2UserRequest userRequest = new OAuth2UserRequest(registration, this.accessToken);
    OAuth2User loadedUser = this.userService.loadUser(userRequest);

    assertThat(loadedUser.getName()).isEqualTo("first last");
    // All four response fields, and nothing else, must surface as attributes.
    assertThat(loadedUser.getAttributes().size()).isEqualTo(4);
    assertThat((String) loadedUser.getAttribute("id")).isEqualTo("12345");
    assertThat((String) loadedUser.getAttribute("name")).isEqualTo("first last");
    assertThat((String) loadedUser.getAttribute("login")).isEqualTo("user1");
    assertThat((String) loadedUser.getAttribute("email")).isEqualTo("user1@example.com");
    // Exactly one authority is granted, and it is ROLE_USER.
    assertThat(loadedUser.getAuthorities().size()).isEqualTo(1);
    assertThat(loadedUser.getAuthorities().iterator().next().getAuthority()).isEqualTo("ROLE_USER");
}
Also used : OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) Test(org.junit.jupiter.api.Test)

Example 19 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class DefaultReactiveOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseThenReturnUser.

/**
 * Checks that the reactive user service maps a successful UserInfo response to an
 * {@code OAuth2User}: the six JSON fields must appear as attributes, the user's name must
 * be "user1", and the single granted authority must be an {@code OAuth2UserAuthority}
 * named {@code ROLE_USER} whose attributes equal the user's attributes.
 */
@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
    // @formatter:off
    String userInfoJson = "{\n"
            + "   \"id\": \"user1\",\n"
            + "   \"first-name\": \"first\",\n"
            + "   \"last-name\": \"last\",\n"
            + "   \"middle-name\": \"middle\",\n"
            + "   \"address\": \"address\",\n"
            + "   \"email\": \"user1@example.com\"\n"
            + "}\n";
    // @formatter:on
    enqueueApplicationJsonBody(userInfoJson);

    // block() waits for the reactive result so it can be asserted on directly.
    OAuth2User loadedUser = this.userService.loadUser(oauth2UserRequest()).block();

    assertThat(loadedUser.getName()).isEqualTo("user1");
    assertThat(loadedUser.getAttributes().size()).isEqualTo(6);
    assertThat((String) loadedUser.getAttribute("id")).isEqualTo("user1");
    assertThat((String) loadedUser.getAttribute("first-name")).isEqualTo("first");
    assertThat((String) loadedUser.getAttribute("last-name")).isEqualTo("last");
    assertThat((String) loadedUser.getAttribute("middle-name")).isEqualTo("middle");
    assertThat((String) loadedUser.getAttribute("address")).isEqualTo("address");
    assertThat((String) loadedUser.getAttribute("email")).isEqualTo("user1@example.com");

    // Exactly one authority is granted; its type is checked before the cast below.
    assertThat(loadedUser.getAuthorities().size()).isEqualTo(1);
    Object soleAuthority = loadedUser.getAuthorities().iterator().next();
    assertThat(soleAuthority).isInstanceOf(OAuth2UserAuthority.class);
    OAuth2UserAuthority oauth2Authority = (OAuth2UserAuthority) soleAuthority;
    assertThat(oauth2Authority.getAuthority()).isEqualTo("ROLE_USER");
    assertThat(oauth2Authority.getAttributes()).isEqualTo(loadedUser.getAttributes());
}
Also used : OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) OAuth2UserAuthority(org.springframework.security.oauth2.core.user.OAuth2UserAuthority) Test(org.junit.jupiter.api.Test)

Example 20 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.

the class DefaultReactiveOAuth2UserServiceTests method loadUserWhenTokenDoesNotContainScopesThenNoScopeAuthorities.

/**
 * Checks the authorities granted when the request is built with
 * {@code TestOAuth2AccessTokens.noScopes()}: the loaded user must hold exactly one
 * authority and it must be an {@code OAuth2UserAuthority}, so nothing beyond that single
 * user authority is granted. NOTE(review): that the fixture token carries no scopes is
 * taken from its name; confirm against {@code TestOAuth2AccessTokens}.
 */
@Test
public void loadUserWhenTokenDoesNotContainScopesThenNoScopeAuthorities() {
    // Minimal UserInfo payload: a single "id" attribute.
    Map<String, Object> userInfoAttributes = new HashMap<>();
    userInfoAttributes.put("id", "id");
    DefaultReactiveOAuth2UserService userService = withMockResponse(userInfoAttributes);

    OAuth2UserRequest userRequest = new OAuth2UserRequest(
            TestClientRegistrations.clientRegistration().build(),
            TestOAuth2AccessTokens.noScopes());
    OAuth2User loadedUser = userService.loadUser(userRequest).block();

    // One authority only, and it is the user authority.
    assertThat(loadedUser.getAuthorities()).hasSize(1);
    assertThat(loadedUser.getAuthorities().iterator().next()).isInstanceOf(OAuth2UserAuthority.class);
}
Also used : OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) HashMap(java.util.HashMap) Test(org.junit.jupiter.api.Test)
