Example 6 with ReactiveJwtDecoder

use of org.springframework.security.oauth2.jwt.ReactiveJwtDecoder in project spring-boot by spring-projects.

the class ReactiveOAuth2ResourceServerAutoConfigurationTests method autoConfigurationShouldConfigureResourceServerUsingOidcRfc8414IssuerUri.

@Test
@SuppressWarnings("unchecked")
void autoConfigurationShouldConfigureResourceServerUsingOidcRfc8414IssuerUri() throws Exception {
    this.server = new MockWebServer();
    this.server.start();
    String issuer = this.server.url("").toString();
    String cleanIssuerPath = cleanIssuerPath(issuer);
    setupMockResponsesWithErrors(cleanIssuerPath, 1);
    this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort()).run((context) -> {
        assertThat(context).hasSingleBean(SupplierReactiveJwtDecoder.class);
        assertFilterConfiguredWithJwtAuthenticationManager(context);
        assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue();
        SupplierReactiveJwtDecoder supplierReactiveJwtDecoder = context.getBean(SupplierReactiveJwtDecoder.class);
        Mono<ReactiveJwtDecoder> reactiveJwtDecoderSupplier = (Mono<ReactiveJwtDecoder>) ReflectionTestUtils.getField(supplierReactiveJwtDecoder, "jwtDecoderMono");
        ReactiveJwtDecoder reactiveJwtDecoder = reactiveJwtDecoderSupplier.block();
    });
    // The last request is to the JWK Set endpoint to look up the algorithm
    assertThat(this.server.getRequestCount()).isEqualTo(2);
}
Also used : NimbusReactiveJwtDecoder(org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder) ReactiveJwtDecoder(org.springframework.security.oauth2.jwt.ReactiveJwtDecoder) SupplierReactiveJwtDecoder(org.springframework.security.oauth2.jwt.SupplierReactiveJwtDecoder) Mono(reactor.core.publisher.Mono) MockWebServer(okhttp3.mockwebserver.MockWebServer) Test(org.junit.jupiter.api.Test)

Example 7 with ReactiveJwtDecoder

use of org.springframework.security.oauth2.jwt.ReactiveJwtDecoder in project spring-security by spring-projects.

the class OAuth2ResourceServerSpecTests method getJwtDecoderWhenBeanWiredAndDslWiredThenDslTakesPrecedence.

@Test
public void getJwtDecoderWhenBeanWiredAndDslWiredThenDslTakesPrecedence() {
    GenericWebApplicationContext context = autowireWebServerGenericWebApplicationContext();
    ServerHttpSecurity http = new ServerHttpSecurity();
    http.setApplicationContext(context);
    ReactiveJwtDecoder beanWiredJwtDecoder = mock(ReactiveJwtDecoder.class);
    ReactiveJwtDecoder dslWiredJwtDecoder = mock(ReactiveJwtDecoder.class);
    context.registerBean(ReactiveJwtDecoder.class, () -> beanWiredJwtDecoder);
    ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec jwt = http.oauth2ResourceServer().jwt();
    jwt.jwtDecoder(dslWiredJwtDecoder);
    assertThat(jwt.getJwtDecoder()).isEqualTo(dslWiredJwtDecoder);
}
Also used : ReactiveJwtDecoder(org.springframework.security.oauth2.jwt.ReactiveJwtDecoder) GenericWebApplicationContext(org.springframework.web.context.support.GenericWebApplicationContext) Test(org.junit.jupiter.api.Test)

Example 8 with ReactiveJwtDecoder

use of org.springframework.security.oauth2.jwt.ReactiveJwtDecoder in project spring-security by spring-projects.

the class ReactiveOidcIdTokenDecoderFactory method createDecoder.

@Override
public ReactiveJwtDecoder createDecoder(ClientRegistration clientRegistration) {
    Assert.notNull(clientRegistration, "clientRegistration cannot be null");
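    // Build one decoder per registration id and reuse it on later calls
    return this.jwtDecoders.computeIfAbsent(clientRegistration.getRegistrationId(), (key) -> {
        NimbusReactiveJwtDecoder jwtDecoder = buildDecoder(clientRegistration);
        // Attach the validator produced for this client registration
        jwtDecoder.setJwtValidator(this.jwtValidatorFactory.apply(clientRegistration));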
        Converter<Map<String, Object>, Map<String, Object>> claimTypeConverter = this.claimTypeConverterFactory.apply(clientRegistration);
        if (claimTypeConverter != null) {
            jwtDecoder.setClaimSetConverter(claimTypeConverter);
        }
        return jwtDecoder;
    });
}
Also used : NimbusReactiveJwtDecoder(org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder) HashMap(java.util.HashMap) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)

Example 9 with ReactiveJwtDecoder

use of org.springframework.security.oauth2.jwt.ReactiveJwtDecoder in project spring-security by spring-projects.

the class OidcAuthorizationCodeReactiveAuthenticationManager method createOidcToken.

private Mono<OidcIdToken> createOidcToken(ClientRegistration clientRegistration, OAuth2AccessTokenResponse accessTokenResponse) {
    // Obtain the decoder for this client registration from the configured factory
    ReactiveJwtDecoder jwtDecoder = this.jwtDecoderFactory.createDecoder(clientRegistration);
    String rawIdToken = (String) accessTokenResponse.getAdditionalParameters().get(OidcParameterNames.ID_TOKEN);
    // The OidcIdToken is only built from the Jwt once decode() has succeeded
    // @formatter:off
    return jwtDecoder.decode(rawIdToken).map((jwt) -> new OidcIdToken(jwt.getTokenValue(), jwt.getIssuedAt(), jwt.getExpiresAt(), jwt.getClaims()));
    // @formatter:on
}
Also used : ReactiveJwtDecoder(org.springframework.security.oauth2.jwt.ReactiveJwtDecoder) OidcIdToken(org.springframework.security.oauth2.core.oidc.OidcIdToken)

Example 10 with ReactiveJwtDecoder

use of org.springframework.security.oauth2.jwt.ReactiveJwtDecoder in project spring-boot by spring-projects.

the class ReactiveOAuth2ResourceServerAutoConfigurationTests method autoConfigurationShouldConfigureResourceServerUsingOAuthIssuerUri.

@Test
@SuppressWarnings("unchecked")
void autoConfigurationShouldConfigureResourceServerUsingOAuthIssuerUri() throws Exception {
    this.server = new MockWebServer();
    this.server.start();
    String issuer = this.server.url("").toString();
    String cleanIssuerPath = cleanIssuerPath(issuer);
    setupMockResponsesWithErrors(cleanIssuerPath, 2);
    this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort()).run((context) -> {
        assertThat(context).hasSingleBean(SupplierReactiveJwtDecoder.class);
        assertFilterConfiguredWithJwtAuthenticationManager(context);
        assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue();
        SupplierReactiveJwtDecoder supplierReactiveJwtDecoder = context.getBean(SupplierReactiveJwtDecoder.class);
        Mono<ReactiveJwtDecoder> reactiveJwtDecoderSupplier = (Mono<ReactiveJwtDecoder>) ReflectionTestUtils.getField(supplierReactiveJwtDecoder, "jwtDecoderMono");
        ReactiveJwtDecoder reactiveJwtDecoder = reactiveJwtDecoderSupplier.block();
    });
    // The last request is to the JWK Set endpoint to look up the algorithm
    assertThat(this.server.getRequestCount()).isEqualTo(3);
}
Also used : NimbusReactiveJwtDecoder(org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder) ReactiveJwtDecoder(org.springframework.security.oauth2.jwt.ReactiveJwtDecoder) SupplierReactiveJwtDecoder(org.springframework.security.oauth2.jwt.SupplierReactiveJwtDecoder) Mono(reactor.core.publisher.Mono) MockWebServer(okhttp3.mockwebserver.MockWebServer) Test(org.junit.jupiter.api.Test)
