use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class OAuth2SecurityExpressionMethodsTests method testOauthClient.
@Test
public void testOauthClient() throws Exception {
AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "", "", "client_credentials", "ROLE_CLIENT"));
Authentication userAuthentication = null;
OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request(request.getRequestParameters(), request.getClientId(), request.getAuthorities(), request.isApproved(), request.getScope(), request.getResourceIds(), request.getRedirectUri(), request.getResponseTypes(), request.getExtensions());
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).clientHasAnyRole("ROLE_CLIENT"));
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class OAuth2SecurityExpressionMethodsTests method testSufficientScopeWithNoPreviousScopeDecision.
@Test
public void testSufficientScopeWithNoPreviousScopeDecision() throws Exception {
OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));
Authentication userAuthentication = null;
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).isClient());
assertFalse(new OAuth2SecurityExpressionMethods(oAuth2Authentication).throwOnError(false));
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class OAuth2SecurityExpressionMethodsTests method testClientOnly.
@Test
public void testClientOnly() throws Exception {
OAuth2Request request = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar", Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")));
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(request, userAuthentication);
assertFalse(new OAuth2SecurityExpressionMethods(oAuth2Authentication).isClient());
assertTrue(new OAuth2SecurityExpressionMethods(new OAuth2Authentication(request, null)).isClient());
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class OAuth2WebSecurityExpressionHandlerTests method testScopesWithOr.
@Test
public void testScopesWithOr() throws Exception {
AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "", "client_credentials", "ROLE_USER"));
request.setApproved(true);
OAuth2Request clientAuthentication = request.createOAuth2Request();
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("user", "pass", AuthorityUtils.createAuthorityList("ROLE_USER"));
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
FilterInvocation invocation = new FilterInvocation("/foo", "GET");
EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
Expression expression = handler.getExpressionParser().parseExpression("#oauth2.hasAnyScope('write') or #oauth2.isUser()");
assertTrue((Boolean) expression.getValue(context));
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class InMemoryImplicitGrantServiceTests method testTransformedRequest.
@Test
public void testTransformedRequest() {
service.store(oauth2Request, tokenRequest);
TokenRequest tokenRequest = new TokenRequest(Collections.<String, String>emptyMap(), "client", Collections.singleton("read"), "implicit");
assertEquals(oauth2Request, service.remove(tokenRequest));
assertEquals(null, service.remove(tokenRequest));
}
Aggregations