use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.
the class OAuth2LoginAuthenticationProviderTests method authenticateWhenLoginSuccessThenReturnAuthentication.
@Test
public void authenticateWhenLoginSuccessThenReturnAuthentication() {
OAuth2AccessTokenResponse accessTokenResponse = this.accessTokenSuccessResponse();
given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(accessTokenResponse);
OAuth2User principal = mock(OAuth2User.class);
List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
given(principal.getAuthorities()).willAnswer((Answer<List<GrantedAuthority>>) (invocation) -> authorities);
given(this.userService.loadUser(any())).willReturn(principal);
OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange));
assertThat(authentication.isAuthenticated()).isTrue();
assertThat(authentication.getPrincipal()).isEqualTo(principal);
assertThat(authentication.getCredentials()).isEqualTo("");
assertThat(authentication.getAuthorities()).isEqualTo(authorities);
assertThat(authentication.getClientRegistration()).isEqualTo(this.clientRegistration);
assertThat(authentication.getAuthorizationExchange()).isEqualTo(this.authorizationExchange);
assertThat(authentication.getAccessToken()).isEqualTo(accessTokenResponse.getAccessToken());
assertThat(authentication.getRefreshToken()).isEqualTo(accessTokenResponse.getRefreshToken());
}
use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.
the class OAuth2LoginAuthenticationProviderTests method authenticateWhenAuthoritiesMapperSetThenReturnMappedAuthorities.
@Test
public void authenticateWhenAuthoritiesMapperSetThenReturnMappedAuthorities() {
OAuth2AccessTokenResponse accessTokenResponse = this.accessTokenSuccessResponse();
given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(accessTokenResponse);
OAuth2User principal = mock(OAuth2User.class);
List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
given(principal.getAuthorities()).willAnswer((Answer<List<GrantedAuthority>>) (invocation) -> authorities);
given(this.userService.loadUser(any())).willReturn(principal);
List<GrantedAuthority> mappedAuthorities = AuthorityUtils.createAuthorityList("ROLE_OAUTH2_USER");
GrantedAuthoritiesMapper authoritiesMapper = mock(GrantedAuthoritiesMapper.class);
given(authoritiesMapper.mapAuthorities(anyCollection())).willAnswer((Answer<List<GrantedAuthority>>) (invocation) -> mappedAuthorities);
this.authenticationProvider.setAuthoritiesMapper(authoritiesMapper);
OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange));
assertThat(authentication.getAuthorities()).isEqualTo(mappedAuthorities);
}
use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.
the class CustomUserTypesOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseThenReturnUser.
@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
// @formatter:off
String userInfoResponse = "{\n" + " \"id\": \"12345\",\n" + " \"name\": \"first last\",\n" + " \"login\": \"user1\",\n" + " \"email\": \"user1@example.com\"\n" + "}\n";
// @formatter:on
this.server.enqueue(jsonResponse(userInfoResponse));
String userInfoUri = this.server.url("/user").toString();
ClientRegistration clientRegistration = this.clientRegistrationBuilder.userInfoUri(userInfoUri).build();
OAuth2User user = this.userService.loadUser(new OAuth2UserRequest(clientRegistration, this.accessToken));
assertThat(user.getName()).isEqualTo("first last");
assertThat(user.getAttributes().size()).isEqualTo(4);
assertThat((String) user.getAttribute("id")).isEqualTo("12345");
assertThat((String) user.getAttribute("name")).isEqualTo("first last");
assertThat((String) user.getAttribute("login")).isEqualTo("user1");
assertThat((String) user.getAttribute("email")).isEqualTo("user1@example.com");
assertThat(user.getAuthorities().size()).isEqualTo(1);
assertThat(user.getAuthorities().iterator().next().getAuthority()).isEqualTo("ROLE_USER");
}
use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.
the class DefaultReactiveOAuth2UserServiceTests method loadUserWhenUserInfoSuccessResponseThenReturnUser.
@Test
public void loadUserWhenUserInfoSuccessResponseThenReturnUser() {
// @formatter:off
String userInfoResponse = "{\n" + " \"id\": \"user1\",\n" + " \"first-name\": \"first\",\n" + " \"last-name\": \"last\",\n" + " \"middle-name\": \"middle\",\n" + " \"address\": \"address\",\n" + " \"email\": \"user1@example.com\"\n" + "}\n";
// @formatter:on
enqueueApplicationJsonBody(userInfoResponse);
OAuth2User user = this.userService.loadUser(oauth2UserRequest()).block();
assertThat(user.getName()).isEqualTo("user1");
assertThat(user.getAttributes().size()).isEqualTo(6);
assertThat((String) user.getAttribute("id")).isEqualTo("user1");
assertThat((String) user.getAttribute("first-name")).isEqualTo("first");
assertThat((String) user.getAttribute("last-name")).isEqualTo("last");
assertThat((String) user.getAttribute("middle-name")).isEqualTo("middle");
assertThat((String) user.getAttribute("address")).isEqualTo("address");
assertThat((String) user.getAttribute("email")).isEqualTo("user1@example.com");
assertThat(user.getAuthorities().size()).isEqualTo(1);
assertThat(user.getAuthorities().iterator().next()).isInstanceOf(OAuth2UserAuthority.class);
OAuth2UserAuthority userAuthority = (OAuth2UserAuthority) user.getAuthorities().iterator().next();
assertThat(userAuthority.getAuthority()).isEqualTo("ROLE_USER");
assertThat(userAuthority.getAttributes()).isEqualTo(user.getAttributes());
}
use of org.springframework.security.oauth2.core.user.OAuth2User in project spring-security by spring-projects.
the class DefaultReactiveOAuth2UserServiceTests method loadUserWhenTokenDoesNotContainScopesThenNoScopeAuthorities.
@Test
public void loadUserWhenTokenDoesNotContainScopesThenNoScopeAuthorities() {
Map<String, Object> body = new HashMap<>();
body.put("id", "id");
DefaultReactiveOAuth2UserService userService = withMockResponse(body);
OAuth2UserRequest request = new OAuth2UserRequest(TestClientRegistrations.clientRegistration().build(), TestOAuth2AccessTokens.noScopes());
OAuth2User user = userService.loadUser(request).block();
assertThat(user.getAuthorities()).hasSize(1);
Iterator<? extends GrantedAuthority> authorities = user.getAuthorities().iterator();
assertThat(authorities.next()).isInstanceOf(OAuth2UserAuthority.class);
}
Aggregations