Examples with JwtDecoder org.springframework.security.oauth2.jwt.JwtDecoder used on opensource projects

Search in sources :

Example 16 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OAuth2ResourceServerConfigurerTests method requestWhenJwtAuthenticationConverterCustomizedAuthoritiesThenThoseAuthoritiesArePropagated.

@Test
public void requestWhenJwtAuthenticationConverterCustomizedAuthoritiesThenThoseAuthoritiesArePropagated() throws Exception {
    this.spring.register(JwtDecoderConfig.class, CustomAuthorityMappingConfig.class, BasicController.class).autowire();
    JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class);
    given(decoder.decode(JWT_TOKEN)).willReturn(JWT);
    // @formatter:off
    this.mvc.perform(get("/requires-read-scope").with(bearerToken(JWT_TOKEN))).andExpect(status().isOk());
// @formatter:on
}
Also used : NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) Test(org.junit.jupiter.api.Test)

Example 17 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OAuth2ResourceServerConfigurerTests method requestWhenCustomJwtDecoderWiredOnDslThenUsed.

@Test
public void requestWhenCustomJwtDecoderWiredOnDslThenUsed() throws Exception {
    this.spring.register(CustomJwtDecoderOnDsl.class, BasicController.class).autowire();
    CustomJwtDecoderOnDsl config = this.spring.getContext().getBean(CustomJwtDecoderOnDsl.class);
    JwtDecoder decoder = config.decoder();
    given(decoder.decode(anyString())).willReturn(JWT);
    // @formatter:off
    this.mvc.perform(get("/authenticated").with(bearerToken(JWT_TOKEN))).andExpect(status().isOk()).andExpect(content().string(JWT_SUBJECT));
// @formatter:on
}
Also used : NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) Test(org.junit.jupiter.api.Test)

Example 18 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OAuth2ResourceServerConfigurerTests method getJwtDecoderWhenContextHasBeanAndUserConfiguresJwkSetUriThenJwkSetUriTakesPrecedence.

@Test
public void getJwtDecoderWhenContextHasBeanAndUserConfiguresJwkSetUriThenJwkSetUriTakesPrecedence() {
    JwtDecoder decoder = mock(JwtDecoder.class);
    ApplicationContext context = mock(ApplicationContext.class);
    given(context.getBean(JwtDecoder.class)).willReturn(decoder);
    OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt();
    jwtConfigurer.jwkSetUri(JWK_SET_URI);
    assertThat(jwtConfigurer.getJwtDecoder()).isNotEqualTo(decoder);
    assertThat(jwtConfigurer.getJwtDecoder()).isInstanceOf(NimbusJwtDecoder.class);
}
Also used : GenericWebApplicationContext(org.springframework.web.context.support.GenericWebApplicationContext) ApplicationContext(org.springframework.context.ApplicationContext) GenericApplicationContext(org.springframework.context.support.GenericApplicationContext) NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) Test(org.junit.jupiter.api.Test)

Example 19 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OAuth2ResourceServerConfigurerTests method requestWhenBearerTokenResolverAllowsRequestBodyAndRequestContainsTwoTokensThenInvalidRequest.

@Test
public void requestWhenBearerTokenResolverAllowsRequestBodyAndRequestContainsTwoTokensThenInvalidRequest() throws Exception {
    this.spring.register(AllowBearerTokenInRequestBodyConfig.class, JwtDecoderConfig.class, BasicController.class).autowire();
    JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class);
    given(decoder.decode(anyString())).willReturn(JWT);
    // @formatter:off
    MockHttpServletRequestBuilder request = post("/authenticated").header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED_VALUE).param("access_token", JWT_TOKEN).with(bearerToken(JWT_TOKEN)).with(csrf());
    this.mvc.perform(request).andExpect(status().isBadRequest()).andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, containsString("invalid_request")));
// @formatter:on
}
Also used : NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) Test(org.junit.jupiter.api.Test)

Example 20 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project dhis2-core by dhis2.

the class JwtBearerTokenTest method setUpClass.

@BeforeAll
static void setUpClass() throws JOSEException {
    DhisWebApiWebSecurityConfig.setApiContextPath("");
    JWKSource<SecurityContext> jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(new JWKSet(ImmutableList.of(RSA_KEY)));
    jwsEncoder = new JwtUtils(jwkSource);
    jwtDecoder = NimbusJwtDecoder.withPublicKey(RSA_KEY.toRSAPublicKey()).build();
}
Also used : BeforeEach(org.junit.jupiter.api.BeforeEach) SecurityContext(com.nimbusds.jose.proc.SecurityContext) ConfigurationKey(org.hisp.dhis.external.conf.ConfigurationKey) NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) Contracts.assertNotNull(org.hibernate.validator.internal.util.Contracts.assertNotNull) JOSEException(com.nimbusds.jose.JOSEException) Autowired(org.springframework.beans.factory.annotation.Autowired) DhisOidcProviderRepository(org.hisp.dhis.security.oidc.DhisOidcProviderRepository) JWKSet(com.nimbusds.jose.jwk.JWKSet) JwtClaimsSet(org.hisp.dhis.webapi.security.utils.JwtClaimsSet) TestJwks(org.hisp.dhis.webapi.security.utils.TestJwks) TestJwtClaimsSets(org.hisp.dhis.webapi.security.utils.TestJwtClaimsSets) Dhis2JwtAuthenticationManagerResolver(org.hisp.dhis.security.jwt.Dhis2JwtAuthenticationManagerResolver) ImmutableList(com.google.common.collect.ImmutableList) BeforeAll(org.junit.jupiter.api.BeforeAll) JsonError(org.hisp.dhis.webapi.json.domain.JsonError) DhisWebApiWebSecurityConfig(org.hisp.dhis.webapi.security.config.DhisWebApiWebSecurityConfig) JoseHeaderNames(org.hisp.dhis.webapi.security.utils.JoseHeaderNames) User(org.hisp.dhis.user.User) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) JwtTokenHeader(org.hisp.dhis.webapi.WebClient.JwtTokenHeader) Jwt(org.springframework.security.oauth2.jwt.Jwt) JsonUser(org.hisp.dhis.webapi.json.domain.JsonUser) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) Properties(java.util.Properties) TestJoseHeaders(org.hisp.dhis.webapi.security.utils.TestJoseHeaders) JoseHeader(org.hisp.dhis.webapi.security.utils.JoseHeader) DhisControllerWithJwtTokenAuthTest(org.hisp.dhis.webapi.DhisControllerWithJwtTokenAuthTest) GenericOidcProviderConfigParser(org.hisp.dhis.security.oidc.GenericOidcProviderConfigParser) Test(org.junit.jupiter.api.Test) HttpStatus(org.springframework.http.HttpStatus) RSAKey(com.nimbusds.jose.jwk.RSAKey) JwtUtils(org.hisp.dhis.webapi.security.utils.JwtUtils) DhisOidcClientRegistration(org.hisp.dhis.security.oidc.DhisOidcClientRegistration) GoogleProvider(org.hisp.dhis.security.oidc.provider.GoogleProvider) JWKSet(com.nimbusds.jose.jwk.JWKSet) SecurityContext(com.nimbusds.jose.proc.SecurityContext) JwtUtils(org.hisp.dhis.webapi.security.utils.JwtUtils) BeforeAll(org.junit.jupiter.api.BeforeAll)

Aggregations

Test (org.junit.jupiter.api.Test)37 NimbusJwtDecoder (org.springframework.security.oauth2.jwt.NimbusJwtDecoder)34 JwtDecoder (org.springframework.security.oauth2.jwt.JwtDecoder)33 Jwt (org.springframework.security.oauth2.jwt.Jwt)9 GenericWebApplicationContext (org.springframework.web.context.support.GenericWebApplicationContext)6 Map (java.util.Map)4 ApplicationContext (org.springframework.context.ApplicationContext)4 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)4 RSAKey (com.nimbusds.jose.jwk.RSAKey)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 Base64 (java.util.Base64)3 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)3 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)3 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)3 BDDMockito.given (org.mockito.BDDMockito.given)3 Mockito.mock (org.mockito.Mockito.mock)3 GenericApplicationContext (org.springframework.context.support.GenericApplicationContext)3 Converter (org.springframework.core.convert.converter.Converter)3 HttpStatus (org.springframework.http.HttpStatus)3 JWKSource (com.nimbusds.jose.jwk.source.JWKSource)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial