
Example 1 with JoseHeader

use of org.springframework.security.oauth2.jwt.JoseHeader in project spring-authorization-server by spring-projects.

the class JwtGeneratorTests method assertGeneratedTokenType.

/**
 * Runs the generator for {@code tokenContext} and checks the arguments it passed
 * to the Mockito-verified customizer and encoder.
 *
 * <p>The encoder must have been called with an RS256 header and with claims whose
 * issuer, subject and audience match the token context. Timestamps are compared
 * against the current time with a tolerance of one second either way. Access
 * tokens must additionally carry {@code nbf} and the authorized scopes; any other
 * token type is checked for the ID token claims {@code azp} and {@code nonce}.
 *
 * @param tokenContext the context the generator is invoked with
 */
private void assertGeneratedTokenType(OAuth2TokenContext tokenContext) {
    this.jwtGenerator.generate(tokenContext);

    // The customizer has to see a context that mirrors the token context field by field.
    ArgumentCaptor<JwtEncodingContext> contextCaptor = ArgumentCaptor.forClass(JwtEncodingContext.class);
    verify(this.jwtCustomizer).customize(contextCaptor.capture());
    JwtEncodingContext encodingContext = contextCaptor.getValue();
    assertThat(encodingContext.getHeaders()).isNotNull();
    assertThat(encodingContext.getClaims()).isNotNull();
    assertThat(encodingContext.getRegisteredClient())
            .isEqualTo(tokenContext.getRegisteredClient());
    assertThat(encodingContext.<Authentication>getPrincipal())
            .isEqualTo(tokenContext.getPrincipal());
    assertThat(encodingContext.getAuthorization())
            .isEqualTo(tokenContext.getAuthorization());
    assertThat(encodingContext.getAuthorizedScopes())
            .isEqualTo(tokenContext.getAuthorizedScopes());
    assertThat(encodingContext.getTokenType())
            .isEqualTo(tokenContext.getTokenType());
    assertThat(encodingContext.getAuthorizationGrantType())
            .isEqualTo(tokenContext.getAuthorizationGrantType());
    assertThat(encodingContext.<Authentication>getAuthorizationGrant())
            .isEqualTo(tokenContext.getAuthorizationGrant());

    // What actually reached the encoder: the signing algorithm and the claim set.
    ArgumentCaptor<JoseHeader> headerCaptor = ArgumentCaptor.forClass(JoseHeader.class);
    ArgumentCaptor<JwtClaimsSet> claimsCaptor = ArgumentCaptor.forClass(JwtClaimsSet.class);
    verify(this.jwtEncoder).encode(headerCaptor.capture(), claimsCaptor.capture());
    assertThat(headerCaptor.getValue().<JwsAlgorithm>getAlgorithm()).isEqualTo(SignatureAlgorithm.RS256);

    JwtClaimsSet encodedClaims = claimsCaptor.getValue();
    assertThat(encodedClaims.getIssuer().toExternalForm())
            .isEqualTo(tokenContext.getProviderContext().getIssuer());
    assertThat(encodedClaims.getSubject())
            .isEqualTo(tokenContext.getAuthorization().getPrincipalName());
    // The audience is exactly the requesting client, nothing else.
    assertThat(encodedClaims.getAudience())
            .containsExactly(tokenContext.getRegisteredClient().getClientId());

    // Expected lifetime: the client's access token TTL, or 30 minutes for any other token type.
    Instant now = Instant.now();
    Instant expectedExpiry = tokenContext.getTokenType().equals(OAuth2TokenType.ACCESS_TOKEN)
            ? now.plus(tokenContext.getRegisteredClient().getTokenSettings().getAccessTokenTimeToLive())
            : now.plus(30, ChronoUnit.MINUTES);
    assertThat(encodedClaims.getIssuedAt()).isBetween(now.minusSeconds(1), now.plusSeconds(1));
    assertThat(encodedClaims.getExpiresAt()).isBetween(expectedExpiry.minusSeconds(1), expectedExpiry.plusSeconds(1));

    if (!tokenContext.getTokenType().equals(OAuth2TokenType.ACCESS_TOKEN)) {
        // ID token: azp names the client and nonce echoes the value stored with the authorization request.
        assertThat(encodedClaims.<String>getClaim(IdTokenClaimNames.AZP))
                .isEqualTo(tokenContext.getRegisteredClient().getClientId());
        OAuth2AuthorizationRequest storedRequest =
                tokenContext.getAuthorization().getAttribute(OAuth2AuthorizationRequest.class.getName());
        String expectedNonce = (String) storedRequest.getAdditionalParameters().get(OidcParameterNames.NONCE);
        assertThat(encodedClaims.<String>getClaim(IdTokenClaimNames.NONCE)).isEqualTo(expectedNonce);
        return;
    }

    // Access token: not valid before issuance, and scoped to what was authorized.
    assertThat(encodedClaims.getNotBefore()).isBetween(now.minusSeconds(1), now.plusSeconds(1));
    Set<String> grantedScopes = encodedClaims.getClaim(OAuth2ParameterNames.SCOPE);
    assertThat(grantedScopes).isEqualTo(tokenContext.getAuthorizedScopes());
}
Also used : JwsAlgorithm(org.springframework.security.oauth2.jose.jws.JwsAlgorithm) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) Authentication(org.springframework.security.core.Authentication) Instant(java.time.Instant) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)

Example 2 with JoseHeader

use of org.springframework.security.oauth2.jwt.JoseHeader in project spring-authorization-server by spring-projects.

the class JwtGenerator method generate.

/**
 * Builds and encodes a JWT for an access token or an OIDC ID token.
 *
 * <p>Returns {@code null} without encoding anything when the token type is
 * missing, when it is neither an access token nor an ID token, or when it is an
 * access token and the client's configured access token format is not
 * {@code SELF_CONTAINED}.
 *
 * <p>Claims set here: {@code iss} (only when the provider context supplies a
 * non-blank issuer), {@code sub} (principal name), {@code aud} (the client id),
 * {@code iat} and {@code exp}. Access tokens also get {@code nbf} and, when
 * non-empty, the authorized scopes. ID tokens get {@code azp} and, for the
 * authorization code grant, the {@code nonce} taken from the stored
 * authorization request.
 *
 * <p>The header starts as RS256. When a customizer is configured it receives the
 * header and claims builders before they are built, so whatever it leaves on
 * them is what gets encoded.
 *
 * @param context the token context describing the client, principal and grant
 * @return the encoded {@link Jwt}, or {@code null} if this method does not
 *         produce a token for the given context
 */
@Nullable
@Override
public Jwt generate(OAuth2TokenContext context) {
    // Only access tokens and ID tokens are produced here; anything else is declined.
    if (context.getTokenType() == null || (!OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType()) && !OidcParameterNames.ID_TOKEN.equals(context.getTokenType().getValue()))) {
        return null;
    }
    // An access token is only emitted as a JWT when the client is configured for the self-contained format.
    if (OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType()) && !OAuth2TokenFormat.SELF_CONTAINED.equals(context.getRegisteredClient().getTokenSettings().getAccessTokenFormat())) {
        return null;
    }
    // The issuer comes from the provider context. Without one it stays null and no iss claim is added below.
    // NOTE(review): a token issued without iss cannot be matched to this server by an issuer check
    // on the receiving side; confirm the provider context is always present on real request paths.
    String issuer = null;
    if (context.getProviderContext() != null) {
        issuer = context.getProviderContext().getIssuer();
    }
    RegisteredClient registeredClient = context.getRegisteredClient();
    Instant issuedAt = Instant.now();
    Instant expiresAt;
    if (OidcParameterNames.ID_TOKEN.equals(context.getTokenType().getValue())) {
        // ID token lifetime is fixed at 30 minutes and does not depend on the client's token settings.
        // TODO Allow configuration for ID Token time-to-live
        expiresAt = issuedAt.plus(30, ChronoUnit.MINUTES);
    } else {
        // Access token lifetime comes from the client's token settings.
        expiresAt = issuedAt.plus(registeredClient.getTokenSettings().getAccessTokenTimeToLive());
    }
    // @formatter:off
    JwtClaimsSet.Builder claimsBuilder = JwtClaimsSet.builder();
    if (StringUtils.hasText(issuer)) {
        claimsBuilder.issuer(issuer);
    }
    // sub is the principal's name and aud is the single client id this token was requested by.
    claimsBuilder.subject(context.getPrincipal().getName()).audience(Collections.singletonList(registeredClient.getClientId())).issuedAt(issuedAt).expiresAt(expiresAt);
    if (OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType())) {
        // nbf equals iat, so the token is usable from the moment of issuance.
        claimsBuilder.notBefore(issuedAt);
        // The scope claim is omitted entirely when no scopes were authorized.
        if (!CollectionUtils.isEmpty(context.getAuthorizedScopes())) {
            claimsBuilder.claim(OAuth2ParameterNames.SCOPE, context.getAuthorizedScopes());
        }
    } else if (OidcParameterNames.ID_TOKEN.equals(context.getTokenType().getValue())) {
        claimsBuilder.claim(IdTokenClaimNames.AZP, registeredClient.getClientId());
        if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(context.getAuthorizationGrantType())) {
            // The nonce is copied from the authorization request stored with the authorization,
            // which lets the client tie the ID token back to the request it sent.
            // NOTE(review): getAuthorization() and the looked-up attribute are dereferenced here without
            // a null check, although getAuthorization() is null-checked further down before it is passed
            // to the customizer context. Confirm the authorization code grant always supplies both.
            OAuth2AuthorizationRequest authorizationRequest = context.getAuthorization().getAttribute(OAuth2AuthorizationRequest.class.getName());
            String nonce = (String) authorizationRequest.getAdditionalParameters().get(OidcParameterNames.NONCE);
            if (StringUtils.hasText(nonce)) {
                claimsBuilder.claim(IdTokenClaimNames.NONCE, nonce);
            }
        }
    // TODO Add 'auth_time' claim
    }
    // @formatter:on
    // RS256 is the starting algorithm. The builder is still open when it is handed to the customizer below.
    JoseHeader.Builder headersBuilder = JoseHeader.withAlgorithm(SignatureAlgorithm.RS256);
    if (this.jwtCustomizer != null) {
        // @formatter:off
        JwtEncodingContext.Builder jwtContextBuilder = JwtEncodingContext.with(headersBuilder, claimsBuilder).registeredClient(context.getRegisteredClient()).principal(context.getPrincipal()).providerContext(context.getProviderContext()).authorizedScopes(context.getAuthorizedScopes()).tokenType(context.getTokenType()).authorizationGrantType(context.getAuthorizationGrantType());
        if (context.getAuthorization() != null) {
            jwtContextBuilder.authorization(context.getAuthorization());
        }
        if (context.getAuthorizationGrant() != null) {
            jwtContextBuilder.authorizationGrant(context.getAuthorizationGrant());
        }
        // @formatter:on
        JwtEncodingContext jwtContext = jwtContextBuilder.build();
        // The customizer runs before build(), so its changes to the header and claims builders are encoded.
        // NOTE(review): nothing in this method re-checks the header or claims after the customizer
        // returns, so the customizer is trusted to leave the algorithm and the iss/sub/aud/exp claims intact.
        this.jwtCustomizer.customize(jwtContext);
    }
    // Freeze header and claims only now, after any customization, and hand them to the encoder.
    JoseHeader headers = headersBuilder.build();
    JwtClaimsSet claims = claimsBuilder.build();
    Jwt jwt = this.jwtEncoder.encode(headers, claims);
    return jwt;
}
Also used : JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) Jwt(org.springframework.security.oauth2.jwt.Jwt) Instant(java.time.Instant) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Nullable(org.springframework.lang.Nullable)

Example 3 with JoseHeader

use of org.springframework.security.oauth2.jwt.JoseHeader in project spring-authorization-server by spring-projects.

the class OidcClientRegistrationEndpointFilterTests method createJwt.

/**
 * Creates a test {@link Jwt} whose {@code scope} claim holds exactly the given scope.
 *
 * <p>The token value is the fixed string {@code "jwt-access-token"}; headers and
 * the remaining claims are copied from the shared test fixtures. Nothing is
 * signed here.
 *
 * @param scope the single scope to place in the token
 * @return the assembled test token
 */
private static Jwt createJwt(String scope) {
    // @formatter:off
    JoseHeader fixtureHeader = TestJoseHeaders.joseHeader().build();
    JwtClaimsSet scopedClaims = TestJwtClaimsSets.jwtClaimsSet()
            .claim(OAuth2ParameterNames.SCOPE, Collections.singleton(scope))
            .build();
    return Jwt.withTokenValue("jwt-access-token")
            .headers(h -> h.putAll(fixtureHeader.getHeaders()))
            .claims(c -> c.putAll(scopedClaims.getClaims()))
            .build();
    // @formatter:on
}
Also used : ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) FilterChain(javax.servlet.FilterChain) TestJoseHeaders(org.springframework.security.oauth2.jwt.TestJoseHeaders) OAuth2AuthorizationResponseType(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) MockClientHttpResponse(org.springframework.mock.http.client.MockClientHttpResponse) MockClientHttpRequest(org.springframework.mock.http.client.MockClientHttpRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) HttpServletRequest(javax.servlet.http.HttpServletRequest) ClientAuthenticationMethod(org.springframework.security.oauth2.core.ClientAuthenticationMethod) After(org.junit.After) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) Jwt(org.springframework.security.oauth2.jwt.Jwt) Before(org.junit.Before) JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) HttpServletResponse(javax.servlet.http.HttpServletResponse) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) Test(org.junit.Test) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Mockito.when(org.mockito.Mockito.when) Instant(java.time.Instant) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) Mockito.verify(org.mockito.Mockito.verify) OidcClientRegistrationAuthenticationToken(org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcClientRegistrationAuthenticationToken) 
HttpStatus(org.springframework.http.HttpStatus) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader) OAuth2ErrorHttpMessageConverter(org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter) SecurityContext(org.springframework.security.core.context.SecurityContext) SignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm) HttpMessageConverter(org.springframework.http.converter.HttpMessageConverter) OidcClientRegistration(org.springframework.security.oauth2.core.oidc.OidcClientRegistration) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) TestJwtClaimsSets(org.springframework.security.oauth2.jwt.TestJwtClaimsSets) OidcClientRegistrationHttpMessageConverter(org.springframework.security.oauth2.core.oidc.http.converter.OidcClientRegistrationHttpMessageConverter) Collections(java.util.Collections) AuthorityUtils(org.springframework.security.core.authority.AuthorityUtils) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType) Mockito.mock(org.mockito.Mockito.mock) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) Jwt(org.springframework.security.oauth2.jwt.Jwt) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader)

Example 4 with JoseHeader

use of org.springframework.security.oauth2.jwt.JoseHeader in project spring-authorization-server by spring-projects.

the class OidcClientRegistrationTests method registerClient.

/**
 * Registers {@code clientRegistration} through the OIDC client registration
 * endpoint and returns the parsed response.
 *
 * <p>Two requests are made. The first obtains the initial access token: a
 * registrar client that authenticates with a signed JWT client assertion
 * ({@code private_key_jwt}, RS256) uses the client credentials grant with scope
 * {@code client.create}. The second posts the registration request with that
 * token as a bearer credential and expects {@code 201 Created} together with
 * {@code Cache-Control: no-store} and {@code Pragma: no-cache}, so that the
 * registration response is not cached.
 *
 * @param clientRegistration the registration request to submit
 * @return the registration returned by the endpoint
 * @throws Exception if either MockMvc request fails
 */
private OidcClientRegistration registerClient(OidcClientRegistration clientRegistration) throws Exception {
    // ----- Step 1: obtain the "initial" access token that authorizes client registration
    String registrationScope = "client.create";
    // @formatter:off
    RegisteredClient registrar = RegisteredClient.withId("client-registrar-1")
            .clientId("client-registrar-1")
            .clientAuthenticationMethod(ClientAuthenticationMethod.PRIVATE_KEY_JWT)
            .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
            .scope(registrationScope)
            .clientSettings(
                    ClientSettings.builder()
                            .jwkSetUrl(this.clientJwkSetUrl)
                            .tokenEndpointAuthenticationSigningAlgorithm(SignatureAlgorithm.RS256)
                            .build())
            .build();
    // @formatter:on
    this.registeredClientRepository.save(registrar);

    // The registrar proves its identity with a signed assertion instead of a shared secret.
    // @formatter:off
    JoseHeader assertionHeader = JoseHeader.withAlgorithm(SignatureAlgorithm.RS256).build();
    JwtClaimsSet assertionClaims = jwtClientAssertionClaims(registrar).build();
    // @formatter:on
    Jwt clientAssertion = jwtClientAssertionEncoder.encode(assertionHeader, assertionClaims);

    String assertionType = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
    MvcResult tokenResult = this.mvc.perform(post(DEFAULT_TOKEN_ENDPOINT_URI)
                    .param(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
                    .param(OAuth2ParameterNames.SCOPE, registrationScope)
                    .param(OAuth2ParameterNames.CLIENT_ASSERTION_TYPE, assertionType)
                    .param(OAuth2ParameterNames.CLIENT_ASSERTION, clientAssertion.getTokenValue())
                    .param(OAuth2ParameterNames.CLIENT_ID, registrar.getClientId()))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.access_token").isNotEmpty())
            // The granted scope must be exactly the registration scope that was requested.
            .andExpect(jsonPath("$.scope").value(registrationScope))
            .andReturn();
    OAuth2AccessToken initialAccessToken = readAccessTokenResponse(tokenResult.getResponse()).getAccessToken();

    // ----- Step 2: register the client, presenting the initial access token as a bearer token
    HttpHeaders bearerHeaders = new HttpHeaders();
    bearerHeaders.setBearerAuth(initialAccessToken.getTokenValue());
    MvcResult registrationResult = this.mvc.perform(post(DEFAULT_OIDC_CLIENT_REGISTRATION_ENDPOINT_URI)
                    .headers(bearerHeaders)
                    .contentType(MediaType.APPLICATION_JSON)
                    .content(getClientRegistrationRequestContent(clientRegistration)))
            .andExpect(status().isCreated())
            // The response must forbid caching.
            .andExpect(header().string(HttpHeaders.CACHE_CONTROL, containsString("no-store")))
            .andExpect(header().string(HttpHeaders.PRAGMA, containsString("no-cache")))
            .andReturn();
    return readClientRegistrationResponse(registrationResult.getResponse());
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) Jwt(org.springframework.security.oauth2.jwt.Jwt) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) MvcResult(org.springframework.test.web.servlet.MvcResult) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient)

Example 5 with JoseHeader

use of org.springframework.security.oauth2.jwt.JoseHeader in project spring-authorization-server by spring-projects.

the class OidcUserInfoTests method createAuthorization.

/**
 * Builds a test authorization holding a bearer access token and an ID token.
 *
 * <p>The access token value is a JWT produced by the test's encoder with an RS256
 * header and the user-info claims. It is valid for 300 seconds from creation and
 * carries the {@code openid}, {@code address}, {@code email}, {@code phone} and
 * {@code profile} scopes. The ID token uses the literal value {@code "id-token"}
 * with the same user-info claims and is not encoded here.
 *
 * @return the assembled authorization
 */
private OAuth2Authorization createAuthorization() {
    // @formatter:off
    Jwt encodedJwt = this.jwtEncoder.encode(
            JoseHeader.withAlgorithm(SignatureAlgorithm.RS256).build(),
            JwtClaimsSet.builder()
                    .claims(c -> c.putAll(createUserInfo().getClaims()))
                    .build());
    // @formatter:on

    Instant issuedAt = Instant.now();
    Instant expiresAt = issuedAt.plusSeconds(300);
    Set<String> grantedScopes = new HashSet<>(Arrays.asList(
            OidcScopes.OPENID,
            OidcScopes.ADDRESS,
            OidcScopes.EMAIL,
            OidcScopes.PHONE,
            OidcScopes.PROFILE));
    OAuth2AccessToken bearerToken = new OAuth2AccessToken(
            OAuth2AccessToken.TokenType.BEARER, encodedJwt.getTokenValue(), issuedAt, expiresAt, grantedScopes);

    OidcIdToken oidcIdToken = OidcIdToken.withTokenValue("id-token")
            .claims(c -> c.putAll(createUserInfo().getClaims()))
            .build();

    return TestOAuth2Authorizations.authorization()
            .accessToken(bearerToken)
            .token(oidcIdToken)
            .build();
}
Also used : Arrays(java.util.Arrays) MockMvcResultMatchers.jsonPath(org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath) OAuth2AuthorizationServerConfiguration(org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration) SpringTestRule(org.springframework.security.config.test.SpringTestRule) RegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository) Autowired(org.springframework.beans.factory.annotation.Autowired) JWKSet(com.nimbusds.jose.jwk.JWKSet) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) HttpSessionSecurityContextRepository(org.springframework.security.web.context.HttpSessionSecurityContextRepository) TestOAuth2Authorizations(org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations) OidcScopes(org.springframework.security.oauth2.core.oidc.OidcScopes) OAuth2ResourceServerConfigurer(org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer) Jwt(org.springframework.security.oauth2.jwt.Jwt) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) HttpHeaders(org.springframework.http.HttpHeaders) OidcUserInfoAuthenticationToken(org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationToken) Set(java.util.Set) Instant(java.time.Instant) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) SecurityContext(com.nimbusds.jose.proc.SecurityContext) BeforeClass(org.junit.BeforeClass) ResultMatcher(org.springframework.test.web.servlet.ResultMatcher) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) Mockito.spy(org.mockito.Mockito.spy) Function(java.util.function.Function) 
HashSet(java.util.HashSet) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) MockMvc(org.springframework.test.web.servlet.MockMvc) ResultMatcher.matchAll(org.springframework.test.web.servlet.ResultMatcher.matchAll) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) MockMvcRequestBuilders.post(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) OidcUserInfo(org.springframework.security.oauth2.core.oidc.OidcUserInfo) Before(org.junit.Before) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OidcIdToken(org.springframework.security.oauth2.core.oidc.OidcIdToken) JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) ImmutableJWKSet(com.nimbusds.jose.jwk.source.ImmutableJWKSet) TestJwks(org.springframework.security.oauth2.jose.TestJwks) InMemoryOAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService) Test(org.junit.Test) NimbusJwsEncoder(org.springframework.security.oauth2.jwt.NimbusJwsEncoder) TestRegisteredClients(org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Mockito.verify(org.mockito.Mockito.verify) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader) Mockito.never(org.mockito.Mockito.never) Rule(org.junit.Rule) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) 
SignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm) InMemoryRegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository) MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository) Bean(org.springframework.context.annotation.Bean) Collections(java.util.Collections) Mockito.reset(org.mockito.Mockito.reset) OidcUserInfoAuthenticationContext(org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationContext) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) OidcIdToken(org.springframework.security.oauth2.core.oidc.OidcIdToken) Jwt(org.springframework.security.oauth2.jwt.Jwt) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) Instant(java.time.Instant) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader) HashSet(java.util.HashSet)

Aggregations

JoseHeader (org.springframework.security.oauth2.jwt.JoseHeader)8 Jwt (org.springframework.security.oauth2.jwt.Jwt)8 JwtClaimsSet (org.springframework.security.oauth2.jwt.JwtClaimsSet)8 RegisteredClient (org.springframework.security.oauth2.server.authorization.client.RegisteredClient)7 Instant (java.time.Instant)5 Test (org.junit.Test)5 Collections (java.util.Collections)4 Before (org.junit.Before)4 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)4 Mockito.verify (org.mockito.Mockito.verify)4 OAuth2ParameterNames (org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames)4 SignatureAlgorithm (org.springframework.security.oauth2.jose.jws.SignatureAlgorithm)4 OAuth2Authorization (org.springframework.security.oauth2.server.authorization.OAuth2Authorization)4 OAuth2AuthorizationService (org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService)4 ProviderSettings (org.springframework.security.oauth2.server.authorization.config.ProviderSettings)4 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)3 JwtEncoder (org.springframework.security.oauth2.jwt.JwtEncoder)3 JWKSet (com.nimbusds.jose.jwk.JWKSet)2 JWKSource (com.nimbusds.jose.jwk.source.JWKSource)2 SecurityContext (com.nimbusds.jose.proc.SecurityContext)2