
Example 21 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2AuthorizationCodeAuthenticationProviderTests method authenticateWhenValidCodeThenReturnAccessToken.

/**
 * Exchanges a valid authorization code for tokens and checks three things: what the provider
 * passes to the JWT customizer, which claims it asks the encoder to sign, and what it saves
 * through the authorization service.
 *
 * <p>The final assertion pins single use of the code: the saved authorization must carry the
 * authorization code flagged as invalidated once the exchange has succeeded.
 */
@Test
public void authenticateWhenValidCodeThenReturnAccessToken() {
    // Arrange: the code resolves to a stored authorization, and the client authenticates
    // with client_secret_basic.
    RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
    OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient).build();
    when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
            .thenReturn(authorization);
    OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(
            registeredClient,
            ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
            registeredClient.getClientSecret());
    OAuth2AuthorizationRequest storedRequest =
            authorization.getAttribute(OAuth2AuthorizationRequest.class.getName());
    // The redirect URI sent to the token endpoint is the one recorded at authorization time.
    OAuth2AuthorizationCodeAuthenticationToken codeGrant = new OAuth2AuthorizationCodeAuthenticationToken(
            AUTHORIZATION_CODE, clientPrincipal, storedRequest.getRedirectUri(), null);
    when(this.jwtEncoder.encode(any(), any())).thenReturn(createJwt());

    // Act
    OAuth2AccessTokenAuthenticationToken tokenResponse =
            (OAuth2AccessTokenAuthenticationToken) this.authenticationProvider.authenticate(codeGrant);

    // Read after the call so every comparison below sees the same value the original compared against.
    Object expectedScopes = authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME);

    // Assert: context handed to the JWT customizer.
    ArgumentCaptor<JwtEncodingContext> contextCaptor = ArgumentCaptor.forClass(JwtEncodingContext.class);
    verify(this.jwtCustomizer).customize(contextCaptor.capture());
    JwtEncodingContext context = contextCaptor.getValue();
    assertThat(context.getRegisteredClient()).isEqualTo(registeredClient);
    assertThat(context.<Authentication>getPrincipal())
            .isEqualTo(authorization.getAttribute(Principal.class.getName()));
    assertThat(context.getAuthorization()).isEqualTo(authorization);
    assertThat(context.getAuthorizedScopes()).isEqualTo(expectedScopes);
    assertThat(context.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN);
    assertThat(context.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
    assertThat(context.<OAuth2AuthorizationGrantAuthenticationToken>getAuthorizationGrant())
            .isEqualTo(codeGrant);
    assertThat(context.getHeaders()).isNotNull();
    assertThat(context.getClaims()).isNotNull();

    // Assert: claims sent to the encoder carry the authorized scopes and the principal name,
    // not anything taken from the token request.
    ArgumentCaptor<JwtClaimsSet> claimsCaptor = ArgumentCaptor.forClass(JwtClaimsSet.class);
    verify(this.jwtEncoder).encode(any(), claimsCaptor.capture());
    JwtClaimsSet signedClaims = claimsCaptor.getValue();
    Set<String> scopeClaim = signedClaims.getClaim(OAuth2ParameterNames.SCOPE);
    assertThat(scopeClaim).isEqualTo(expectedScopes);
    assertThat(signedClaims.getSubject()).isEqualTo(authorization.getPrincipalName());

    // Assert: the returned tokens are the ones that were persisted.
    ArgumentCaptor<OAuth2Authorization> savedCaptor = ArgumentCaptor.forClass(OAuth2Authorization.class);
    verify(this.authorizationService).save(savedCaptor.capture());
    OAuth2Authorization saved = savedCaptor.getValue();
    assertThat(tokenResponse.getRegisteredClient().getId()).isEqualTo(saved.getRegisteredClientId());
    assertThat(tokenResponse.getPrincipal()).isEqualTo(clientPrincipal);
    assertThat(tokenResponse.getAccessToken()).isEqualTo(saved.getAccessToken().getToken());
    assertThat(tokenResponse.getAccessToken().getScopes()).isEqualTo(expectedScopes);
    assertThat(tokenResponse.getRefreshToken()).isNotNull();
    assertThat(tokenResponse.getRefreshToken()).isEqualTo(saved.getRefreshToken().getToken());

    // Assert: the code cannot be redeemed a second time.
    OAuth2Authorization.Token<OAuth2AuthorizationCode> redeemedCode =
            saved.getToken(OAuth2AuthorizationCode.class);
    assertThat(redeemedCode.isInvalidated()).isTrue();
}
Also used : OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) Authentication(org.springframework.security.core.Authentication) OAuth2AuthorizationCode(org.springframework.security.oauth2.core.OAuth2AuthorizationCode) JwtEncodingContext(org.springframework.security.oauth2.server.authorization.JwtEncodingContext) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Test(org.junit.Test)

Example 22 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2ClientAuthenticationProviderTests method authenticateWhenPkceAndInvalidCodeThenThrowOAuth2AuthenticationException.

/**
 * A public client (authentication method {@code NONE}) presents a code value other than the
 * one the authorization service is stubbed for. Client authentication must fail with
 * {@code invalid_grant}, and the error description must name the {@code code} parameter.
 */
@Test
public void authenticateWhenPkceAndInvalidCodeThenThrowOAuth2AuthenticationException() {
    RegisteredClient registeredClient = TestRegisteredClients.registeredPublicClient().build();
    when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
            .thenReturn(registeredClient);

    // The lookup is stubbed for AUTHORIZATION_CODE only; the request below sends a different
    // value, so presumably no authorization is found for it.
    OAuth2Authorization authorization = TestOAuth2Authorizations
            .authorization(registeredClient, createPkceAuthorizationParametersPlain())
            .build();
    when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
            .thenReturn(authorization);

    // The code verifier is the expected one, so the code is the only bad input.
    Map<String, Object> tokenRequestParameters = createPkceTokenParameters(PLAIN_CODE_VERIFIER);
    tokenRequestParameters.put(OAuth2ParameterNames.CODE, "invalid-code");
    OAuth2ClientAuthenticationToken clientAuthentication = new OAuth2ClientAuthenticationToken(
            registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, tokenRequestParameters);

    assertThatThrownBy(() -> this.authenticationProvider.authenticate(clientAuthentication))
            .isInstanceOf(OAuth2AuthenticationException.class)
            .extracting(thrown -> ((OAuth2AuthenticationException) thrown).getError())
            .satisfies(oauth2Error -> {
                assertThat(oauth2Error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
                assertThat(oauth2Error.getDescription()).contains(OAuth2ParameterNames.CODE);
            });
}
Also used : UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) RegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) SecretKeySpec(javax.crypto.spec.SecretKeySpec) JWKSet(com.nimbusds.jose.jwk.JWKSet) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) MacAlgorithm(org.springframework.security.oauth2.jose.jws.MacAlgorithm) TestOAuth2Authorizations(org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations) Map(java.util.Map) Jwt(org.springframework.security.oauth2.jwt.Jwt) OctetSequenceKey(com.nimbusds.jose.jwk.OctetSequenceKey) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) Instant(java.time.Instant) StandardCharsets(java.nio.charset.StandardCharsets) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) SecretKey(javax.crypto.SecretKey) BadJwtException(org.springframework.security.oauth2.jwt.BadJwtException) Mockito.mock(org.mockito.Mockito.mock) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) SecurityContext(com.nimbusds.jose.proc.SecurityContext) OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) PkceParameterNames(org.springframework.security.oauth2.core.endpoint.PkceParameterNames) HashMap(java.util.HashMap) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) Mockito.spy(org.mockito.Mockito.spy) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) 
ClientAuthenticationMethod(org.springframework.security.oauth2.core.ClientAuthenticationMethod) JwtValidationException(org.springframework.security.oauth2.jwt.JwtValidationException) ClientSettings(org.springframework.security.oauth2.server.authorization.config.ClientSettings) Before(org.junit.Before) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) TestKeys(org.springframework.security.oauth2.jose.TestKeys) TestJwks(org.springframework.security.oauth2.jose.TestJwks) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) NimbusJwsEncoder(org.springframework.security.oauth2.jwt.NimbusJwsEncoder) TestRegisteredClients(org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) Mockito.verify(org.mockito.Mockito.verify) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader) ChronoUnit(java.time.temporal.ChronoUnit) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) SignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm) OAuth2TokenType(org.springframework.security.oauth2.core.OAuth2TokenType) Collections(java.util.Collections) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Example 23 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2ClientAuthenticationProviderTests method authenticateWhenPkceAndPlainMethodAndInvalidCodeVerifierThenThrowOAuth2AuthenticationException.

/**
 * A public client (authentication method {@code NONE}) redeems a code whose authorization was
 * created with the parameters from {@code createPkceAuthorizationParametersPlain()}, but sends
 * a code verifier that does not match. Client authentication must fail with
 * {@code invalid_grant}, and the error description must name the {@code code_verifier} parameter.
 */
@Test
public void authenticateWhenPkceAndPlainMethodAndInvalidCodeVerifierThenThrowOAuth2AuthenticationException() {
    RegisteredClient registeredClient = TestRegisteredClients.registeredPublicClient().build();
    when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
            .thenReturn(registeredClient);

    OAuth2Authorization authorization = TestOAuth2Authorizations
            .authorization(registeredClient, createPkceAuthorizationParametersPlain())
            .build();
    when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
            .thenReturn(authorization);

    // Only the verifier is wrong; the remaining token parameters come from the shared helper.
    Map<String, Object> tokenRequestParameters = createPkceTokenParameters("invalid-code-verifier");
    OAuth2ClientAuthenticationToken clientAuthentication = new OAuth2ClientAuthenticationToken(
            registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, tokenRequestParameters);

    assertThatThrownBy(() -> this.authenticationProvider.authenticate(clientAuthentication))
            .isInstanceOf(OAuth2AuthenticationException.class)
            .extracting(thrown -> ((OAuth2AuthenticationException) thrown).getError())
            .satisfies(oauth2Error -> {
                assertThat(oauth2Error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
                assertThat(oauth2Error.getDescription()).contains(PkceParameterNames.CODE_VERIFIER);
            });
}
Also used : UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) RegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) SecretKeySpec(javax.crypto.spec.SecretKeySpec) JWKSet(com.nimbusds.jose.jwk.JWKSet) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) MacAlgorithm(org.springframework.security.oauth2.jose.jws.MacAlgorithm) TestOAuth2Authorizations(org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations) Map(java.util.Map) Jwt(org.springframework.security.oauth2.jwt.Jwt) OctetSequenceKey(com.nimbusds.jose.jwk.OctetSequenceKey) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) Instant(java.time.Instant) StandardCharsets(java.nio.charset.StandardCharsets) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) SecretKey(javax.crypto.SecretKey) BadJwtException(org.springframework.security.oauth2.jwt.BadJwtException) Mockito.mock(org.mockito.Mockito.mock) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) SecurityContext(com.nimbusds.jose.proc.SecurityContext) OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) PkceParameterNames(org.springframework.security.oauth2.core.endpoint.PkceParameterNames) HashMap(java.util.HashMap) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) Mockito.spy(org.mockito.Mockito.spy) JwtClaimsSet(org.springframework.security.oauth2.jwt.JwtClaimsSet) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) 
ClientAuthenticationMethod(org.springframework.security.oauth2.core.ClientAuthenticationMethod) JwtValidationException(org.springframework.security.oauth2.jwt.JwtValidationException) ClientSettings(org.springframework.security.oauth2.server.authorization.config.ClientSettings) Before(org.junit.Before) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) TestKeys(org.springframework.security.oauth2.jose.TestKeys) TestJwks(org.springframework.security.oauth2.jose.TestJwks) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) NimbusJwsEncoder(org.springframework.security.oauth2.jwt.NimbusJwsEncoder) TestRegisteredClients(org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) Mockito.verify(org.mockito.Mockito.verify) JoseHeader(org.springframework.security.oauth2.jwt.JoseHeader) ChronoUnit(java.time.temporal.ChronoUnit) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) SignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm) OAuth2TokenType(org.springframework.security.oauth2.core.OAuth2TokenType) Collections(java.util.Collections) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Example 24 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2ClientAuthenticationProviderTests method authenticateWhenPkceAndUnsupportedCodeChallengeMethodThenThrowOAuth2AuthenticationException.

/**
 * The stored authorization request carries a {@code code_challenge_method} value the provider
 * does not support. The provider must fail closed with {@code server_error} rather than
 * authenticate the public client, even though the supplied code verifier is the expected one.
 */
@Test
public void authenticateWhenPkceAndUnsupportedCodeChallengeMethodThenThrowOAuth2AuthenticationException() {
    RegisteredClient registeredClient = TestRegisteredClients.registeredPublicClient().build();
    when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
            .thenReturn(registeredClient);

    // Defensive case: the Authorization endpoint is expected to reject such a method, so a
    // stored request should never contain it. The stored state is corrupted here on purpose.
    Map<String, Object> storedPkceParameters = createPkceAuthorizationParametersPlain();
    storedPkceParameters.put(PkceParameterNames.CODE_CHALLENGE_METHOD, "unsupported-challenge-method");
    OAuth2Authorization authorization = TestOAuth2Authorizations
            .authorization(registeredClient, storedPkceParameters)
            .build();
    when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
            .thenReturn(authorization);

    Map<String, Object> tokenRequestParameters = createPkceTokenParameters(PLAIN_CODE_VERIFIER);
    OAuth2ClientAuthenticationToken clientAuthentication = new OAuth2ClientAuthenticationToken(
            registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, tokenRequestParameters);

    assertThatThrownBy(() -> this.authenticationProvider.authenticate(clientAuthentication))
            .isInstanceOf(OAuth2AuthenticationException.class)
            .extracting(thrown -> ((OAuth2AuthenticationException) thrown).getError())
            .extracting("errorCode")
            .isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
}
Also used : OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Example 25 with OAuth2Authorization

use of org.springframework.security.oauth2.server.authorization.OAuth2Authorization in project spring-authorization-server by spring-projects.

the class OAuth2ClientCredentialsAuthenticationProviderTests method authenticateWhenValidAuthenticationThenReturnAccessToken.

/**
 * Runs the client credentials grant for a client authenticated with client_secret_basic.
 * Checks the context passed to the JWT customizer, then checks that the saved authorization
 * matches the token returned to the caller.
 *
 * <p>No prior authorization exists for this grant, so the customizer context must report a
 * {@code null} authorization. The authorization is first created when the provider saves it.
 */
@Test
public void authenticateWhenValidAuthenticationThenReturnAccessToken() {
    // Arrange
    RegisteredClient registeredClient = TestRegisteredClients.registeredClient2().build();
    OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(
            registeredClient,
            ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
            registeredClient.getClientSecret());
    OAuth2ClientCredentialsAuthenticationToken credentialsGrant =
            new OAuth2ClientCredentialsAuthenticationToken(clientPrincipal, null, null);
    when(this.jwtEncoder.encode(any(), any())).thenReturn(createJwt(registeredClient.getScopes()));

    // Act
    OAuth2AccessTokenAuthenticationToken tokenResponse =
            (OAuth2AccessTokenAuthenticationToken) this.authenticationProvider.authenticate(credentialsGrant);

    // Assert: context handed to the JWT customizer.
    ArgumentCaptor<JwtEncodingContext> contextCaptor = ArgumentCaptor.forClass(JwtEncodingContext.class);
    verify(this.jwtCustomizer).customize(contextCaptor.capture());
    JwtEncodingContext context = contextCaptor.getValue();
    assertThat(context.getRegisteredClient()).isEqualTo(registeredClient);
    assertThat(context.<Authentication>getPrincipal()).isEqualTo(clientPrincipal);
    assertThat(context.getAuthorization()).isNull();
    assertThat(context.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN);
    assertThat(context.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.CLIENT_CREDENTIALS);
    assertThat(context.<OAuth2AuthorizationGrantAuthenticationToken>getAuthorizationGrant())
            .isEqualTo(credentialsGrant);
    assertThat(context.getHeaders()).isNotNull();
    assertThat(context.getClaims()).isNotNull();

    // Assert: the persisted authorization is bound to this client and grant type, and its
    // scope attribute agrees with both the customizer context and the access token.
    ArgumentCaptor<OAuth2Authorization> savedCaptor = ArgumentCaptor.forClass(OAuth2Authorization.class);
    verify(this.authorizationService).save(savedCaptor.capture());
    OAuth2Authorization authorization = savedCaptor.getValue();
    Object savedScopes = authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME);
    assertThat(context.getAuthorizedScopes()).isEqualTo(savedScopes);
    assertThat(authorization.getRegisteredClientId()).isEqualTo(clientPrincipal.getRegisteredClient().getId());
    assertThat(authorization.getPrincipalName()).isEqualTo(clientPrincipal.getName());
    assertThat(authorization.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.CLIENT_CREDENTIALS);
    assertThat(authorization.getAccessToken()).isNotNull();
    assertThat(authorization.<Set<String>>getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME))
            .isNotNull();
    assertThat(authorization.getAccessToken().getToken().getScopes()).isEqualTo(savedScopes);

    // Assert: the caller receives exactly the token that was saved.
    assertThat(tokenResponse.getPrincipal()).isEqualTo(clientPrincipal);
    assertThat(tokenResponse.getAccessToken()).isEqualTo(authorization.getAccessToken().getToken());
}
Also used : Set(java.util.Set) Authentication(org.springframework.security.core.Authentication) JwtEncodingContext(org.springframework.security.oauth2.server.authorization.JwtEncodingContext) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)
