Examples with OAuth2Authorization org.springframework.security.oauth2.server.authorization.OAuth2Authorization used on opensource projects

Search in sources :

Example 11 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2RefreshTokenAuthenticationProviderTests method authenticateWhenRefreshTokenIssuedToAnotherClientThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenRefreshTokenIssuedToAnotherClientThenThrowOAuth2AuthenticationException() {
    RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
    OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient).build();
    when(this.authorizationService.findByToken(eq(authorization.getRefreshToken().getToken().getTokenValue()), eq(OAuth2TokenType.REFRESH_TOKEN))).thenReturn(authorization);
    RegisteredClient registeredClient2 = TestRegisteredClients.registeredClient2().build();
    OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient2, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, registeredClient2.getClientSecret());
    OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(authorization.getRefreshToken().getToken().getTokenValue(), clientPrincipal, null, null);
    assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthenticationException.class).extracting(ex -> ((OAuth2AuthenticationException) ex).getError()).extracting("errorCode").isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
Also used : OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Example 12 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2RefreshTokenAuthenticationProviderTests method authenticateWhenAccessTokenNotGeneratedThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenAccessTokenNotGeneratedThenThrowOAuth2AuthenticationException() {
    RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
    OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient).build();
    when(this.authorizationService.findByToken(eq(authorization.getRefreshToken().getToken().getTokenValue()), eq(OAuth2TokenType.REFRESH_TOKEN))).thenReturn(authorization);
    OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, registeredClient.getClientSecret());
    OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(authorization.getRefreshToken().getToken().getTokenValue(), clientPrincipal, null, null);
    doAnswer(answer -> {
        OAuth2TokenContext context = answer.getArgument(0);
        if (OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType())) {
            return null;
        } else {
            return answer.callRealMethod();
        }
    }).when(this.tokenGenerator).generate(any());
    assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthenticationException.class).extracting(ex -> ((OAuth2AuthenticationException) ex).getError()).satisfies(error -> {
        assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
        assertThat(error.getDescription()).contains("The token generator failed to generate the access token.");
    });
}
Also used : TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) JwtEncodingContext(org.springframework.security.oauth2.server.authorization.JwtEncodingContext) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) TestOAuth2Authorizations(org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations) Map(java.util.Map) After(org.junit.After) Mockito.doAnswer(org.mockito.Mockito.doAnswer) OidcScopes(org.springframework.security.oauth2.core.oidc.OidcScopes) Jwt(org.springframework.security.oauth2.jwt.Jwt) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) Set(java.util.Set) JoseHeaderNames(org.springframework.security.oauth2.jwt.JoseHeaderNames) JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) Instant(java.time.Instant) ProviderContextHolder(org.springframework.security.oauth2.server.authorization.context.ProviderContextHolder) Principal(java.security.Principal) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) ProviderContext(org.springframework.security.oauth2.server.authorization.context.ProviderContext) OAuth2RefreshTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator) Authentication(org.springframework.security.core.Authentication) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) Mockito.mock(org.mockito.Mockito.mock) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) OidcParameterNames(org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames) HashMap(java.util.HashMap) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) TokenSettings(org.springframework.security.oauth2.server.authorization.config.TokenSettings) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) Mockito.spy(org.mockito.Mockito.spy) Supplier(java.util.function.Supplier) HashSet(java.util.HashSet) ArgumentCaptor(org.mockito.ArgumentCaptor) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) ClientAuthenticationMethod(org.springframework.security.oauth2.core.ClientAuthenticationMethod) Before(org.junit.Before) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OidcIdToken(org.springframework.security.oauth2.core.oidc.OidcIdToken) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) Test(org.junit.Test) Mockito.times(org.mockito.Mockito.times) OAuth2TokenClaimsContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenClaimsContext) Mockito.when(org.mockito.Mockito.when) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) Assertions.entry(org.assertj.core.api.Assertions.entry) TestRegisteredClients(org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) Mockito.verify(org.mockito.Mockito.verify) ChronoUnit(java.time.temporal.ChronoUnit) SignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm) OAuth2TokenType(org.springframework.security.oauth2.core.OAuth2TokenType) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) OAuth2RefreshToken(org.springframework.security.oauth2.core.OAuth2RefreshToken) Collections(java.util.Collections) OAuth2TokenFormat(org.springframework.security.oauth2.core.OAuth2TokenFormat) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Example 13 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2RefreshTokenAuthenticationProviderTests method authenticateWhenAccessTokenFormatReferenceThenAccessTokenGeneratorCalled.

@Test
public void authenticateWhenAccessTokenFormatReferenceThenAccessTokenGeneratorCalled() {
    // @formatter:off
    RegisteredClient registeredClient = TestRegisteredClients.registeredClient().tokenSettings(TokenSettings.builder().accessTokenFormat(OAuth2TokenFormat.REFERENCE).build()).build();
    // @formatter:on
    OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient).build();
    when(this.authorizationService.findByToken(eq(authorization.getRefreshToken().getToken().getTokenValue()), eq(OAuth2TokenType.REFRESH_TOKEN))).thenReturn(authorization);
    OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, registeredClient.getClientSecret());
    OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(authorization.getRefreshToken().getToken().getTokenValue(), clientPrincipal, null, null);
    this.authenticationProvider.authenticate(authentication);
    verify(this.accessTokenCustomizer).customize(any());
}
Also used : OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Example 14 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2TokenIntrospectionAuthenticationProviderTests method authenticateWhenTokenBeforeUseThenNotActive.

@Test
public void authenticateWhenTokenBeforeUseThenNotActive() {
    RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
    Instant issuedAt = Instant.now();
    Instant notBefore = issuedAt.plus(Duration.ofMinutes(5));
    Instant expiresAt = issuedAt.plus(Duration.ofHours(1));
    OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token", issuedAt, expiresAt);
    Map<String, Object> accessTokenClaims = Collections.singletonMap(OAuth2TokenClaimNames.NBF, notBefore);
    OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient, accessToken, accessTokenClaims).build();
    when(this.authorizationService.findByToken(eq(accessToken.getTokenValue()), isNull())).thenReturn(authorization);
    OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, registeredClient.getClientSecret());
    OAuth2TokenIntrospectionAuthenticationToken authentication = new OAuth2TokenIntrospectionAuthenticationToken(accessToken.getTokenValue(), clientPrincipal, null, null);
    OAuth2TokenIntrospectionAuthenticationToken authenticationResult = (OAuth2TokenIntrospectionAuthenticationToken) this.authenticationProvider.authenticate(authentication);
    verify(this.authorizationService).findByToken(eq(authentication.getToken()), isNull());
    assertThat(authenticationResult.isAuthenticated()).isTrue();
    assertThat(authenticationResult.getTokenClaims().getClaims()).hasSize(1);
    assertThat(authenticationResult.getTokenClaims().isActive()).isFalse();
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) Instant(java.time.Instant) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Example 15 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2AuthorizationCodeAuthenticationProviderTests method authenticateWhenAccessTokenNotGeneratedThenThrowOAuth2AuthenticationException.

@Test
public void authenticateWhenAccessTokenNotGeneratedThenThrowOAuth2AuthenticationException() {
    RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
    OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient).build();
    when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE))).thenReturn(authorization);
    OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, registeredClient.getClientSecret());
    OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationRequest.class.getName());
    OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);
    doAnswer(answer -> {
        OAuth2TokenContext context = answer.getArgument(0);
        if (OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType())) {
            return null;
        } else {
            return answer.callRealMethod();
        }
    }).when(this.tokenGenerator).generate(any());
    assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthenticationException.class).extracting(ex -> ((OAuth2AuthenticationException) ex).getError()).satisfies(error -> {
        assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
        assertThat(error.getDescription()).contains("The token generator failed to generate the access token.");
    });
}
Also used : TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) JwtEncodingContext(org.springframework.security.oauth2.server.authorization.JwtEncodingContext) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) TestOAuth2Authorizations(org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations) Duration(java.time.Duration) Map(java.util.Map) After(org.junit.After) Mockito.doAnswer(org.mockito.Mockito.doAnswer) OidcScopes(org.springframework.security.oauth2.core.oidc.OidcScopes) Jwt(org.springframework.security.oauth2.jwt.Jwt) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) Set(java.util.Set) JoseHeaderNames(org.springframework.security.oauth2.jwt.JoseHeaderNames) JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) Instant(java.time.Instant) ProviderContextHolder(org.springframework.security.oauth2.server.authorization.context.ProviderContextHolder) Principal(java.security.Principal) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) ProviderContext(org.springframework.security.oauth2.server.authorization.context.ProviderContext) OAuth2RefreshTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator) Authentication(org.springframework.security.core.Authentication) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) Mockito.mock(org.mockito.Mockito.mock) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) OidcParameterNames(org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames) HashMap(java.util.HashMap) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) TokenSettings(org.springframework.security.oauth2.server.authorization.config.TokenSettings) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) Mockito.spy(org.mockito.Mockito.spy) Supplier(java.util.function.Supplier) HashSet(java.util.HashSet) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) ArgumentCaptor(org.mockito.ArgumentCaptor) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) ClientAuthenticationMethod(org.springframework.security.oauth2.core.ClientAuthenticationMethod) Before(org.junit.Before) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OidcIdToken(org.springframework.security.oauth2.core.oidc.OidcIdToken) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) Test(org.junit.Test) Mockito.times(org.mockito.Mockito.times) OAuth2TokenClaimsContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenClaimsContext) Mockito.when(org.mockito.Mockito.when) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) Assertions.entry(org.assertj.core.api.Assertions.entry) TestRegisteredClients(org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) Mockito.verify(org.mockito.Mockito.verify) ChronoUnit(java.time.temporal.ChronoUnit) OAuth2AuthorizationCode(org.springframework.security.oauth2.core.OAuth2AuthorizationCode) SignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm) OAuth2TokenType(org.springframework.security.oauth2.core.OAuth2TokenType) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) OAuth2TokenFormat(org.springframework.security.oauth2.core.OAuth2TokenFormat) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Aggregations

OAuth2Authorization (org.springframework.security.oauth2.server.authorization.OAuth2Authorization)119 Test (org.junit.Test)109 RegisteredClient (org.springframework.security.oauth2.server.authorization.client.RegisteredClient)109 OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException)44 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)43 Authentication (org.springframework.security.core.Authentication)36 Jwt (org.springframework.security.oauth2.jwt.Jwt)36 OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)34 OAuth2TokenType (org.springframework.security.oauth2.core.OAuth2TokenType)30 Instant (java.time.Instant)29 HashSet (java.util.HashSet)29 Principal (java.security.Principal)27 AuthorizationGrantType (org.springframework.security.oauth2.core.AuthorizationGrantType)24 OAuth2AuthorizationService (org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService)24 TestRegisteredClients (org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients)24 ProviderSettings (org.springframework.security.oauth2.server.authorization.config.ProviderSettings)24 HashMap (java.util.HashMap)23 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)23 Assertions.assertThatThrownBy (org.assertj.core.api.Assertions.assertThatThrownBy)23 OAuth2ParameterNames (org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames)23
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial