use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class AuthorizationEndpointTests method testAuthorizationCodeError.
@Test
public void testAuthorizationCodeError() throws Exception {
endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {
public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return true;
}
});
endpoint.setAuthorizationCodeServices(new StubAuthorizationCodeServices() {
@Override
public String createAuthorizationCode(OAuth2Authentication authentication) {
throw new InvalidScopeException("FOO");
}
});
ModelAndView result = endpoint.authorize(model, getAuthorizationRequest("foo", "http://anywhere.com", "mystate", "myscope", Collections.singleton("code")).getRequestParameters(), sessionStatus, principal);
String url = ((RedirectView) result.getView()).getUrl();
assertTrue("Wrong view: " + result, url.startsWith("http://anywhere.com"));
assertTrue("No error: " + result, url.contains("?error="));
assertTrue("Wrong state: " + result, url.contains("&state=mystate"));
}
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class AuthorizationEndpointTests method testImplicitError.
@Test
public void testImplicitError() throws Exception {
endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {
public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return true;
}
});
endpoint.setTokenGranter(new TokenGranter() {
public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
return null;
}
});
AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate", "myscope", Collections.singleton("token"));
ModelAndView result = endpoint.authorize(model, authorizationRequest.getRequestParameters(), sessionStatus, principal);
String url = ((RedirectView) result.getView()).getUrl();
assertTrue("Wrong view: " + result, url.startsWith("http://anywhere.com"));
assertTrue("No error: " + result, url.contains("#error="));
assertTrue("Wrong state: " + result, url.contains("&state=mystate"));
}
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class AuthorizationEndpointTests method testRedirectUriOptionalForAuthorization.
@Test
public void testRedirectUriOptionalForAuthorization() throws Exception {
ModelAndView result = endpoint.authorize(model, getAuthorizationRequest("foo", null, null, "read", Collections.singleton("code")).getRequestParameters(), sessionStatus, principal);
// RedirectUri parameter should be null (SECOAUTH-333), however the resolvedRedirectUri not
AuthorizationRequest authorizationRequest = (AuthorizationRequest) result.getModelMap().get("authorizationRequest");
assertNull(authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI));
assertEquals("http://anywhere.com", authorizationRequest.getRedirectUri());
}
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class AuthorizationEndpointTests method testImplicitAppendsScopeWhenDefaulting.
@Test
public void testImplicitAppendsScopeWhenDefaulting() throws Exception {
endpoint.setTokenGranter(new TokenGranter() {
public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
token.setScope(new LinkedHashSet<String>(Arrays.asList("read", "write")));
return token;
}
});
endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {
public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return true;
}
public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
});
client.setScope(Collections.singleton("read"));
AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate", null, Collections.singleton("token"));
ModelAndView result = endpoint.authorize(model, authorizationRequest.getRequestParameters(), sessionStatus, principal);
String url = ((RedirectView) result.getView()).getUrl();
assertTrue("Wrong scope: " + result, url.contains("&scope=read%20write"));
}
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class OAuth2MethodSecurityExpressionHandlerTests method testScopesWithOr.
@Test
public void testScopesWithOr() throws Exception {
AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "", "client_credentials", "ROLE_CLIENT"));
request.setApproved(true);
OAuth2Request clientAuthentication = request.createOAuth2Request();
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("user", "pass", AuthorityUtils.createAuthorityList("ROLE_USER"));
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testOauthClient"));
EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
Expression expression = handler.getExpressionParser().parseExpression("#oauth2.hasAnyScope('write') or #oauth2.isUser()");
assertTrue((Boolean) expression.getValue(context));
}
Aggregations