Example 1 with JwtDecoder
use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.
the class OAuth2ResourceServerBeanDefinitionParserTests method requestWhenFormLoginAndResourceServerEntryPointsThenSessionCreatedByRequest.
@Test
public void requestWhenFormLoginAndResourceServerEntryPointsThenSessionCreatedByRequest() throws Exception {
// different from DSL
this.spring.configLocations(xml("MockJwtDecoder"), xml("FormAndResourceServer")).autowire();
JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class);
given(decoder.decode(anyString())).willThrow(BadJwtException.class);
MvcResult result = this.mvc.perform(get("/authenticated")).andExpect(status().isUnauthorized()).andReturn();
assertThat(result.getRequest().getSession(false)).isNotNull();
// @formatter:off
result = this.mvc.perform(get("/authenticated").header("Authorization", "Bearer token")).andExpect(status().isUnauthorized()).andReturn();
// @formatter:on
assertThat(result.getRequest().getSession(false)).isNull();
}
Also used :
NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder)
JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder)
MvcResult(org.springframework.test.web.servlet.MvcResult)
Test(org.junit.jupiter.api.Test)
Example 2 with JwtDecoder
use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.
the class OAuth2ResourceServerBeanDefinitionParserTests method requestWhenBearerTokenResolverAllowsRequestBodyThenEitherHeaderOrRequestBodyIsAccepted.
@Test
public void requestWhenBearerTokenResolverAllowsRequestBodyThenEitherHeaderOrRequestBodyIsAccepted() throws Exception {
this.spring.configLocations(xml("MockJwtDecoder"), xml("AllowBearerTokenInBody")).autowire();
JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class);
given(decoder.decode(anyString())).willReturn(TestJwts.jwt().build());
// @formatter:off
this.mvc.perform(get("/authenticated").header("Authorization", "Bearer token")).andExpect(status().isNotFound());
this.mvc.perform(post("/authenticated").header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED_VALUE).param("access_token", "token")).andExpect(status().isNotFound());
// @formatter:on
}
Also used :
NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder)
JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder)
Test(org.junit.jupiter.api.Test)
Example 3 with JwtDecoder
use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.
the class OAuth2ResourceServerBeanDefinitionParserTests method requestWhenRealmNameConfiguredThenUsesOnUnauthenticated.
@Test
public void requestWhenRealmNameConfiguredThenUsesOnUnauthenticated() throws Exception {
this.spring.configLocations(xml("MockJwtDecoder"), xml("AuthenticationEntryPoint")).autowire();
JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class);
Mockito.when(decoder.decode(anyString())).thenThrow(BadJwtException.class);
// @formatter:off
this.mvc.perform(get("/authenticated").header("Authorization", "Bearer invalid_token")).andExpect(status().isUnauthorized()).andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, startsWith("Bearer realm=\"myRealm\"")));
// @formatter:on
}
Also used :
NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder)
JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder)
Test(org.junit.jupiter.api.Test)
Example 4 with JwtDecoder
use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.
the class OAuth2ResourceServerBeanDefinitionParserTests method requestWhenJwtAuthenticationConverterThenUsed.
@Test
public void requestWhenJwtAuthenticationConverterThenUsed() throws Exception {
this.spring.configLocations(xml("MockJwtDecoder"), xml("MockJwtAuthenticationConverter"), xml("JwtAuthenticationConverter")).autowire();
Converter<Jwt, JwtAuthenticationToken> jwtAuthenticationConverter = (Converter<Jwt, JwtAuthenticationToken>) this.spring.getContext().getBean("jwtAuthenticationConverter");
given(jwtAuthenticationConverter.convert(any(Jwt.class))).willReturn(new JwtAuthenticationToken(TestJwts.jwt().build(), Collections.emptyList()));
JwtDecoder jwtDecoder = this.spring.getContext().getBean(JwtDecoder.class);
given(jwtDecoder.decode(anyString())).willReturn(TestJwts.jwt().build());
// @formatter:off
this.mvc.perform(get("/").header("Authorization", "Bearer token")).andExpect(status().isNotFound());
// @formatter:on
verify(jwtAuthenticationConverter).convert(any(Jwt.class));
}
Also used :
JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken)
Jwt(org.springframework.security.oauth2.jwt.Jwt)
NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder)
JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder)
Converter(org.springframework.core.convert.converter.Converter)
Test(org.junit.jupiter.api.Test)
Example 5 with JwtDecoder
use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.
the class OAuth2ResourceServerSpecTests method getWhenCustomDecoderThenAuthenticatesAccordingly.
@Test
public void getWhenCustomDecoderThenAuthenticatesAccordingly() {
this.spring.register(CustomDecoderConfig.class, RootController.class).autowire();
ReactiveJwtDecoder jwtDecoder = this.spring.getContext().getBean(ReactiveJwtDecoder.class);
given(jwtDecoder.decode(anyString())).willReturn(Mono.just(this.jwt));
// @formatter:off
this.client.get().headers((headers) -> headers.setBearerAuth("token")).exchange().expectStatus().isOk();
// @formatter:on
verify(jwtDecoder).decode(anyString());
}
Also used :
JwtAuthenticationConverter(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
Autowired(org.springframework.beans.factory.annotation.Autowired)
CoreMatchers.startsWith(org.hamcrest.CoreMatchers.startsWith)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BDDMockito.given(org.mockito.BDDMockito.given)
RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec)
MockWebServer(okhttp3.mockwebserver.MockWebServer)
ReactiveAuthenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager)
BigInteger(java.math.BigInteger)
ReactiveAuthenticationManagerResolver(org.springframework.security.authentication.ReactiveAuthenticationManagerResolver)
Jwt(org.springframework.security.oauth2.jwt.Jwt)
HttpHeaders(org.apache.http.HttpHeaders)
ReactiveJwtDecoder(org.springframework.security.oauth2.jwt.ReactiveJwtDecoder)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
RecordedRequest(okhttp3.mockwebserver.RecordedRequest)
MediaType(org.springframework.http.MediaType)
OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)
TestJwts(org.springframework.security.oauth2.jwt.TestJwts)
PreDestroy(jakarta.annotation.PreDestroy)
Collectors(java.util.stream.Collectors)
RestController(org.springframework.web.bind.annotation.RestController)
KeyFactory(java.security.KeyFactory)
Test(org.junit.jupiter.api.Test)
Base64(java.util.Base64)
Stream(java.util.stream.Stream)
AbstractAuthenticationToken(org.springframework.security.authentication.AbstractAuthenticationToken)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
Optional(java.util.Optional)
MockResponse(okhttp3.mockwebserver.MockResponse)
Authentication(org.springframework.security.core.Authentication)
Mockito.mock(org.mockito.Mockito.mock)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
ReactiveJwtAuthenticationConverterAdapter(org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
ReactiveJwtAuthenticationConverter(org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverter)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
DispatcherHandler(org.springframework.web.reactive.DispatcherHandler)
ServerWebExchange(org.springframework.web.server.ServerWebExchange)
Value(org.springframework.beans.factory.annotation.Value)
ServerAuthenticationConverter(org.springframework.security.web.server.authentication.ServerAuthenticationConverter)
WebTestClient(org.springframework.test.web.reactive.server.WebTestClient)
EnableWebFlux(org.springframework.web.reactive.config.EnableWebFlux)
Dispatcher(okhttp3.mockwebserver.Dispatcher)
BeanCreationException(org.springframework.beans.factory.BeanCreationException)
EnableWebFluxSecurity(org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity)
Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
NoUniqueBeanDefinitionException(org.springframework.beans.factory.NoUniqueBeanDefinitionException)
Converter(org.springframework.core.convert.converter.Converter)
IOException(java.io.IOException)
Mono(reactor.core.publisher.Mono)
ApplicationContext(org.springframework.context.ApplicationContext)
Mockito.verify(org.mockito.Mockito.verify)
HttpStatus(org.springframework.http.HttpStatus)
SecurityWebFilterChain(org.springframework.security.web.server.SecurityWebFilterChain)
HttpStatusServerEntryPoint(org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint)
SpringTestContext(org.springframework.security.config.test.SpringTestContext)
NoSuchBeanDefinitionException(org.springframework.beans.factory.NoSuchBeanDefinitionException)
HttpStatusServerAccessDeniedHandler(org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler)
GenericWebApplicationContext(org.springframework.web.context.support.GenericWebApplicationContext)
SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension)
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
Bean(org.springframework.context.annotation.Bean)
BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
ReactiveJwtDecoder(org.springframework.security.oauth2.jwt.ReactiveJwtDecoder)
Test(org.junit.jupiter.api.Test)
Aggregations
Test (org.junit.jupiter.api.Test)37
NimbusJwtDecoder (org.springframework.security.oauth2.jwt.NimbusJwtDecoder)34
JwtDecoder (org.springframework.security.oauth2.jwt.JwtDecoder)33
Jwt (org.springframework.security.oauth2.jwt.Jwt)9
GenericWebApplicationContext (org.springframework.web.context.support.GenericWebApplicationContext)6
Map (java.util.Map)4
ApplicationContext (org.springframework.context.ApplicationContext)4
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)4
RSAKey (com.nimbusds.jose.jwk.RSAKey)3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3
Base64 (java.util.Base64)3
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)3
Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)3
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)3
BDDMockito.given (org.mockito.BDDMockito.given)3
Mockito.mock (org.mockito.Mockito.mock)3
GenericApplicationContext (org.springframework.context.support.GenericApplicationContext)3
Converter (org.springframework.core.convert.converter.Converter)3
HttpStatus (org.springframework.http.HttpStatus)3
JWKSource (com.nimbusds.jose.jwk.source.JWKSource)2
