Examples with JwtDecoder org.springframework.security.oauth2.jwt.JwtDecoder used on opensource projects

Search in sources :

Example 36 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OAuth2ResourceServerBeanDefinitionParserTests method requestWhenBasicAndResourceServerEntryPointsThenBearerTokenPresides.

@Test
public void requestWhenBasicAndResourceServerEntryPointsThenBearerTokenPresides() throws Exception {
    // different from DSL
    this.spring.configLocations(xml("MockJwtDecoder"), xml("BasicAndResourceServer")).autowire();
    JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class);
    given(decoder.decode(anyString())).willThrow(BadJwtException.class);
    // @formatter:off
    this.mvc.perform(get("/authenticated").with(httpBasic("some", "user"))).andExpect(status().isUnauthorized()).andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, startsWith("Basic")));
    this.mvc.perform(get("/authenticated")).andExpect(status().isUnauthorized()).andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, startsWith("Bearer")));
    this.mvc.perform(get("/authenticated").header("Authorization", "Bearer invalid_token")).andExpect(status().isUnauthorized()).andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, startsWith("Bearer")));
// @formatter:on
}
Also used : NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) Test(org.junit.jupiter.api.Test)

Example 37 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OAuth2ResourceServerBeanDefinitionParserTests method getWhenCustomBearerTokenResolverThenUses.

@Test
public void getWhenCustomBearerTokenResolverThenUses() throws Exception {
    this.spring.configLocations(xml("MockBearerTokenResolver"), xml("MockJwtDecoder"), xml("BearerTokenResolver")).autowire();
    JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class);
    given(decoder.decode("token")).willReturn(TestJwts.jwt().build());
    BearerTokenResolver bearerTokenResolver = this.spring.getContext().getBean(BearerTokenResolver.class);
    given(bearerTokenResolver.resolve(any(HttpServletRequest.class))).willReturn("token");
    this.mvc.perform(get("/")).andExpect(status().isNotFound());
    verify(decoder).decode("token");
    verify(bearerTokenResolver).resolve(any(HttpServletRequest.class));
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) BearerTokenResolver(org.springframework.security.oauth2.server.resource.web.BearerTokenResolver) Test(org.junit.jupiter.api.Test)

Example 38 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OAuth2ResourceServerBeanDefinitionParserTests method requestWhenCustomJwtDecoderThenUsed.

@Test
public void requestWhenCustomJwtDecoderThenUsed() throws Exception {
    this.spring.configLocations(xml("MockJwtDecoder"), xml("Jwt")).autowire();
    JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class);
    given(decoder.decode(anyString())).willReturn(TestJwts.jwt().build());
    this.mvc.perform(get("/authenticated").header("Authorization", "Bearer token")).andExpect(status().isNotFound());
    verify(decoder).decode("token");
}
Also used : NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) Test(org.junit.jupiter.api.Test)

Example 39 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OidcAuthorizationCodeAuthenticationProvider method createOidcToken.

private OidcIdToken createOidcToken(ClientRegistration clientRegistration, OAuth2AccessTokenResponse accessTokenResponse) {
    JwtDecoder jwtDecoder = this.jwtDecoderFactory.createDecoder(clientRegistration);
    Jwt jwt = getJwt(accessTokenResponse, jwtDecoder);
    OidcIdToken idToken = new OidcIdToken(jwt.getTokenValue(), jwt.getIssuedAt(), jwt.getExpiresAt(), jwt.getClaims());
    return idToken;
}
Also used : OidcIdToken(org.springframework.security.oauth2.core.oidc.OidcIdToken) Jwt(org.springframework.security.oauth2.jwt.Jwt) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder)

Example 40 with JwtDecoder

use of org.springframework.security.oauth2.jwt.JwtDecoder in project spring-security by spring-projects.

the class OidcIdTokenDecoderFactory method createDecoder.

@Override
public JwtDecoder createDecoder(ClientRegistration clientRegistration) {
    Assert.notNull(clientRegistration, "clientRegistration cannot be null");
    return this.jwtDecoders.computeIfAbsent(clientRegistration.getRegistrationId(), (key) -> {
        NimbusJwtDecoder jwtDecoder = buildDecoder(clientRegistration);
        jwtDecoder.setJwtValidator(this.jwtValidatorFactory.apply(clientRegistration));
        Converter<Map<String, Object>, Map<String, Object>> claimTypeConverter = this.claimTypeConverterFactory.apply(clientRegistration);
        if (claimTypeConverter != null) {
            jwtDecoder.setClaimSetConverter(claimTypeConverter);
        }
        return jwtDecoder;
    });
}
Also used : NimbusJwtDecoder(org.springframework.security.oauth2.jwt.NimbusJwtDecoder) HashMap(java.util.HashMap) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)

Aggregations

Test (org.junit.jupiter.api.Test)37 NimbusJwtDecoder (org.springframework.security.oauth2.jwt.NimbusJwtDecoder)34 JwtDecoder (org.springframework.security.oauth2.jwt.JwtDecoder)33 Jwt (org.springframework.security.oauth2.jwt.Jwt)9 GenericWebApplicationContext (org.springframework.web.context.support.GenericWebApplicationContext)6 Map (java.util.Map)4 ApplicationContext (org.springframework.context.ApplicationContext)4 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)4 RSAKey (com.nimbusds.jose.jwk.RSAKey)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 Base64 (java.util.Base64)3 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)3 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)3 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)3 BDDMockito.given (org.mockito.BDDMockito.given)3 Mockito.mock (org.mockito.Mockito.mock)3 GenericApplicationContext (org.springframework.context.support.GenericApplicationContext)3 Converter (org.springframework.core.convert.converter.Converter)3 HttpStatus (org.springframework.http.HttpStatus)3 JWKSource (com.nimbusds.jose.jwk.source.JWKSource)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial