use of org.springframework.security.oauth2.provider.ClientDetails in project spring-boot by spring-projects.
the class OAuth2AutoConfigurationTests method testEnvironmentalOverrides.
@Test
public void testEnvironmentalOverrides() {
this.context = new AnnotationConfigServletWebServerApplicationContext();
EnvironmentTestUtils.addEnvironment(this.context, "security.oauth2.client.clientId:myclientid", "security.oauth2.client.clientSecret:mysecret", "security.oauth2.client.autoApproveScopes:read,write", "security.oauth2.client.accessTokenValiditySeconds:40", "security.oauth2.client.refreshTokenValiditySeconds:80");
this.context.register(AuthorizationAndResourceServerConfiguration.class, MinimalSecureWebApplication.class);
this.context.refresh();
ClientDetails config = this.context.getBean(ClientDetails.class);
assertThat(config.getClientId()).isEqualTo("myclientid");
assertThat(config.getClientSecret()).isEqualTo("mysecret");
assertThat(config.isAutoApprove("read")).isTrue();
assertThat(config.isAutoApprove("write")).isTrue();
assertThat(config.isAutoApprove("foo")).isFalse();
assertThat(config.getAccessTokenValiditySeconds()).isEqualTo(40);
assertThat(config.getRefreshTokenValiditySeconds()).isEqualTo(80);
verifyAuthentication(config);
}
use of org.springframework.security.oauth2.provider.ClientDetails in project spring-boot by spring-projects.
the class OAuth2AutoConfigurationTests method testClassicSecurityAnnotationOverride.
@Test
public void testClassicSecurityAnnotationOverride() {
this.context = new AnnotationConfigServletWebServerApplicationContext();
this.context.register(SecuredEnabledConfiguration.class, MinimalSecureWebApplication.class);
this.context.refresh();
this.context.getBean(OAuth2MethodSecurityConfiguration.class);
ClientDetails config = this.context.getBean(ClientDetails.class);
DelegatingMethodSecurityMetadataSource source = this.context.getBean(DelegatingMethodSecurityMetadataSource.class);
List<MethodSecurityMetadataSource> sources = source.getMethodSecurityMetadataSources();
assertThat(sources.size()).isEqualTo(1);
assertThat(sources.get(0).getClass().getName()).isEqualTo(SecuredAnnotationSecurityMetadataSource.class.getName());
verifyAuthentication(config, HttpStatus.OK);
}
use of org.springframework.security.oauth2.provider.ClientDetails in project spring-security-oauth by spring-projects.
the class ClientDetailsServiceBeanDefinitionParserTests method testClientDetailsFromPropertyFile.
@Test
public void testClientDetailsFromPropertyFile() {
// valid client details from property file
ClientDetails clientDetails = clientDetailsService.loadClientByClientId("my-client-id-property-file");
assertNotNull(clientDetailsService);
assertEquals("my-client-id-property-file", clientDetails.getClientId());
assertEquals("my-client-secret-property-file", clientDetails.getClientSecret());
Set<String> grantTypes = clientDetails.getAuthorizedGrantTypes();
assertNotNull(grantTypes);
assertEquals(2, grantTypes.size());
assertTrue(grantTypes.contains("password"));
assertTrue(grantTypes.contains("authorization_code"));
Set<String> scopes = clientDetails.getScope();
assertNotNull(scopes);
assertEquals(2, scopes.size());
assertTrue(scopes.contains("scope1"));
assertTrue(scopes.contains("scope2"));
Collection<GrantedAuthority> authorities = clientDetails.getAuthorities();
assertNotNull(authorities);
assertEquals(2, authorities.size());
assertTrue(AuthorityUtils.authorityListToSet(authorities).contains("ROLE_USER"));
assertTrue(AuthorityUtils.authorityListToSet(authorities).contains("ROLE_ANONYMOUS"));
}
use of org.springframework.security.oauth2.provider.ClientDetails in project spring-security-oauth by spring-projects.
the class JdbcClientDetailsServiceTests method testRemoveNonExistentClient.
@Test(expected = NoSuchClientException.class)
public void testRemoveNonExistentClient() {
BaseClientDetails clientDetails = new BaseClientDetails();
clientDetails.setClientId("nosuchClientIdWithNoDetails");
service.removeClientDetails(clientDetails.getClientId());
}
use of org.springframework.security.oauth2.provider.ClientDetails in project spring-security-oauth by spring-projects.
the class JdbcClientDetailsServiceTests method testLoadingClientIdWithMultipleDetails.
@Test
public void testLoadingClientIdWithMultipleDetails() {
jdbcTemplate.update(INSERT_SQL, "clientIdWithMultipleDetails", "mySecret", "myResource1,myResource2", "myScope1,myScope2", "myAuthorizedGrantType1,myAuthorizedGrantType2", "myRedirectUri1,myRedirectUri2", "myAuthority1,myAuthority2", 100, 200, "read,write");
ClientDetails clientDetails = service.loadClientByClientId("clientIdWithMultipleDetails");
assertEquals("clientIdWithMultipleDetails", clientDetails.getClientId());
assertTrue(clientDetails.isSecretRequired());
assertEquals("mySecret", clientDetails.getClientSecret());
assertTrue(clientDetails.isScoped());
assertEquals(2, clientDetails.getResourceIds().size());
Iterator<String> resourceIds = clientDetails.getResourceIds().iterator();
assertEquals("myResource1", resourceIds.next());
assertEquals("myResource2", resourceIds.next());
assertEquals(2, clientDetails.getScope().size());
Iterator<String> scope = clientDetails.getScope().iterator();
assertEquals("myScope1", scope.next());
assertEquals("myScope2", scope.next());
assertEquals(2, clientDetails.getAuthorizedGrantTypes().size());
Iterator<String> grantTypes = clientDetails.getAuthorizedGrantTypes().iterator();
assertEquals("myAuthorizedGrantType1", grantTypes.next());
assertEquals("myAuthorizedGrantType2", grantTypes.next());
assertEquals(2, clientDetails.getRegisteredRedirectUri().size());
Iterator<String> redirectUris = clientDetails.getRegisteredRedirectUri().iterator();
assertEquals("myRedirectUri1", redirectUris.next());
assertEquals("myRedirectUri2", redirectUris.next());
assertEquals(2, clientDetails.getAuthorities().size());
Iterator<GrantedAuthority> authorities = clientDetails.getAuthorities().iterator();
assertEquals("myAuthority1", authorities.next().getAuthority());
assertEquals("myAuthority2", authorities.next().getAuthority());
assertEquals(new Integer(100), clientDetails.getAccessTokenValiditySeconds());
assertEquals(new Integer(200), clientDetails.getRefreshTokenValiditySeconds());
assertTrue(clientDetails.isAutoApprove("read"));
}
Aggregations