use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class ApprovalStoreUserApprovalHandlerTests method testApprovalsAddedForAutoapprovedScopes.
@Test
public void testApprovalsAddedForAutoapprovedScopes() {
handler.setClientDetailsService(clientDetailsService);
BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
client.setAutoApproveScopes(new HashSet<String>(Arrays.asList("read")));
clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
Collection<Approval> approvals = store.getApprovals(userAuthentication.getName(), "client");
assertEquals(1, approvals.size());
Approval approval = approvals.iterator().next();
assertEquals("read", approval.getScope());
}
use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class ApprovalStoreUserApprovalHandlerTests method testAutoapprovedWildcardScopes.
@Test
public void testAutoapprovedWildcardScopes() {
handler.setClientDetailsService(clientDetailsService);
BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
client.setAutoApproveScopes(new HashSet<String>(Arrays.asList(".*")));
clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
assertTrue(result.isApproved());
}
use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class DefaultRedirectResolverTests method setup.
@Before
public void setup() {
client = new BaseClientDetails();
client.setAuthorizedGrantTypes(Collections.singleton("authorization_code"));
resolver = new DefaultRedirectResolver();
}
use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class OAuth2MethodSecurityExpressionHandlerTests method testScopesWithOr.
@Test
public void testScopesWithOr() throws Exception {
AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "", "client_credentials", "ROLE_CLIENT"));
request.setApproved(true);
OAuth2Request clientAuthentication = request.createOAuth2Request();
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("user", "pass", AuthorityUtils.createAuthorityList("ROLE_USER"));
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testOauthClient"));
EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
Expression expression = handler.getExpressionParser().parseExpression("#oauth2.hasAnyScope('write') or #oauth2.isUser()");
assertTrue((Boolean) expression.getValue(context));
}
use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class OAuth2MethodSecurityExpressionHandlerTests method testOauthClient.
@Test
public void testOauthClient() throws Exception {
AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "", "", "client_credentials", "ROLE_CLIENT"));
Authentication userAuthentication = null;
OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request(request.getRequestParameters(), request.getClientId(), request.getAuthorities(), request.isApproved(), request.getScope(), request.getResourceIds(), request.getRedirectUri(), request.getResponseTypes(), request.getExtensions());
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testOauthClient"));
EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
Expression expression = handler.getExpressionParser().parseExpression("#oauth2.clientHasAnyRole('ROLE_CLIENT')");
assertTrue((Boolean) expression.getValue(context));
}
Aggregations