Examples with OAuth2TokenGenerator org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator used on opensource projects

Search in sources :

Example 1 with OAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2AuthorizationCodeRequestAuthenticationProviderTests method authenticateWhenAuthorizationCodeNotGeneratedThenThrowOAuth2AuthorizationCodeRequestAuthenticationException.

@Test
public void authenticateWhenAuthorizationCodeNotGeneratedThenThrowOAuth2AuthorizationCodeRequestAuthenticationException() {
    RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
    when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))).thenReturn(registeredClient);
    @SuppressWarnings("unchecked") OAuth2TokenGenerator<OAuth2AuthorizationCode> authorizationCodeGenerator = mock(OAuth2TokenGenerator.class);
    this.authenticationProvider.setAuthorizationCodeGenerator(authorizationCodeGenerator);
    OAuth2AuthorizationCodeRequestAuthenticationToken authentication = authorizationCodeRequestAuthentication(registeredClient, this.principal).build();
    assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class).extracting(ex -> ((OAuth2AuthorizationCodeRequestAuthenticationException) ex).getError()).satisfies(error -> {
        assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
        assertThat(error.getDescription()).contains("The token generator failed to generate the authorization code.");
    });
}
Also used : ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) PkceParameterNames(org.springframework.security.oauth2.core.endpoint.PkceParameterNames) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) OAuth2AuthorizationResponseType(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) RegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) HashMap(java.util.HashMap) Mockito.spy(org.mockito.Mockito.spy) Function(java.util.function.Function) Supplier(java.util.function.Supplier) OAuth2AuthorizationConsentService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService) HashSet(java.util.HashSet) TestOAuth2Authorizations(org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations) ArgumentCaptor(org.mockito.ArgumentCaptor) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) Map(java.util.Map) OidcScopes(org.springframework.security.oauth2.core.oidc.OidcScopes) OAuth2AuthenticationValidator(org.springframework.security.oauth2.core.authentication.OAuth2AuthenticationValidator) ClientSettings(org.springframework.security.oauth2.server.authorization.config.ClientSettings) Before(org.junit.Before) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) OAuth2AuthorizationConsent(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsent) OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest) Set(java.util.Set) Test(org.junit.Test) Mockito.times(org.mockito.Mockito.times) Mockito.when(org.mockito.Mockito.when) OAuth2ErrorCodes(org.springframework.security.oauth2.core.OAuth2ErrorCodes) TestRegisteredClients(org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) Mockito.verify(org.mockito.Mockito.verify) Consumer(java.util.function.Consumer) ProviderContextHolder(org.springframework.security.oauth2.server.authorization.context.ProviderContextHolder) Mockito.never(org.mockito.Mockito.never) Principal(java.security.Principal) OAuth2AuthorizationCode(org.springframework.security.oauth2.core.OAuth2AuthorizationCode) OAuth2TokenType(org.springframework.security.oauth2.core.OAuth2TokenType) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) ProviderContext(org.springframework.security.oauth2.server.authorization.context.ProviderContext) Authentication(org.springframework.security.core.Authentication) Collections(java.util.Collections) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType) Mockito.mock(org.mockito.Mockito.mock) OAuth2AuthorizationCode(org.springframework.security.oauth2.core.OAuth2AuthorizationCode) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Test(org.junit.Test)

Example 2 with OAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2RefreshTokenAuthenticationProviderTests method setUp.

@Before
public void setUp() {
    this.authorizationService = mock(OAuth2AuthorizationService.class);
    this.jwtEncoder = mock(JwtEncoder.class);
    when(this.jwtEncoder.encode(any(), any())).thenReturn(createJwt(Collections.singleton("scope1")));
    this.jwtCustomizer = mock(OAuth2TokenCustomizer.class);
    JwtGenerator jwtGenerator = new JwtGenerator(this.jwtEncoder);
    jwtGenerator.setJwtCustomizer(this.jwtCustomizer);
    this.accessTokenCustomizer = mock(OAuth2TokenCustomizer.class);
    OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator();
    accessTokenGenerator.setAccessTokenCustomizer(this.accessTokenCustomizer);
    OAuth2RefreshTokenGenerator refreshTokenGenerator = new OAuth2RefreshTokenGenerator();
    OAuth2TokenGenerator<OAuth2Token> delegatingTokenGenerator = new DelegatingOAuth2TokenGenerator(jwtGenerator, accessTokenGenerator, refreshTokenGenerator);
    this.tokenGenerator = spy(new OAuth2TokenGenerator<OAuth2Token>() {

        @Override
        public OAuth2Token generate(OAuth2TokenContext context) {
            return delegatingTokenGenerator.generate(context);
        }
    });
    this.authenticationProvider = new OAuth2RefreshTokenAuthenticationProvider(this.authorizationService, this.tokenGenerator);
    ProviderSettings providerSettings = ProviderSettings.builder().issuer("https://provider.com").build();
    ProviderContextHolder.setProviderContext(new ProviderContext(providerSettings, null));
}
Also used : ProviderContext(org.springframework.security.oauth2.server.authorization.context.ProviderContext) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) OAuth2RefreshTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) Before(org.junit.Before)

Example 3 with OAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2ClientCredentialsAuthenticationProviderTests method setUp.

@Before
public void setUp() {
    this.authorizationService = mock(OAuth2AuthorizationService.class);
    this.jwtEncoder = mock(JwtEncoder.class);
    this.jwtCustomizer = mock(OAuth2TokenCustomizer.class);
    JwtGenerator jwtGenerator = new JwtGenerator(this.jwtEncoder);
    jwtGenerator.setJwtCustomizer(this.jwtCustomizer);
    this.accessTokenCustomizer = mock(OAuth2TokenCustomizer.class);
    OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator();
    accessTokenGenerator.setAccessTokenCustomizer(this.accessTokenCustomizer);
    OAuth2TokenGenerator<OAuth2Token> delegatingTokenGenerator = new DelegatingOAuth2TokenGenerator(jwtGenerator, accessTokenGenerator);
    this.tokenGenerator = spy(new OAuth2TokenGenerator<OAuth2Token>() {

        @Override
        public OAuth2Token generate(OAuth2TokenContext context) {
            return delegatingTokenGenerator.generate(context);
        }
    });
    this.authenticationProvider = new OAuth2ClientCredentialsAuthenticationProvider(this.authorizationService, this.tokenGenerator);
    ProviderSettings providerSettings = ProviderSettings.builder().issuer("https://provider.com").build();
    ProviderContextHolder.setProviderContext(new ProviderContext(providerSettings, null));
}
Also used : ProviderContext(org.springframework.security.oauth2.server.authorization.context.ProviderContext) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) Before(org.junit.Before)

Example 4 with OAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2ConfigurerUtils method getTokenGenerator.

@SuppressWarnings("unchecked")
static <B extends HttpSecurityBuilder<B>> OAuth2TokenGenerator<? extends OAuth2Token> getTokenGenerator(B builder) {
    OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator = builder.getSharedObject(OAuth2TokenGenerator.class);
    if (tokenGenerator == null) {
        tokenGenerator = getOptionalBean(builder, OAuth2TokenGenerator.class);
        if (tokenGenerator == null) {
            JwtGenerator jwtGenerator = getJwtGenerator(builder);
            OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator();
            OAuth2TokenCustomizer<OAuth2TokenClaimsContext> accessTokenCustomizer = getAccessTokenCustomizer(builder);
            if (accessTokenCustomizer != null) {
                accessTokenGenerator.setAccessTokenCustomizer(accessTokenCustomizer);
            }
            OAuth2RefreshTokenGenerator refreshTokenGenerator = new OAuth2RefreshTokenGenerator();
            if (jwtGenerator != null) {
                tokenGenerator = new DelegatingOAuth2TokenGenerator(jwtGenerator, accessTokenGenerator, refreshTokenGenerator);
            } else {
                tokenGenerator = new DelegatingOAuth2TokenGenerator(accessTokenGenerator, refreshTokenGenerator);
            }
        }
        builder.setSharedObject(OAuth2TokenGenerator.class, tokenGenerator);
    }
    return tokenGenerator;
}
Also used : JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) OAuth2RefreshTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) OAuth2TokenClaimsContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenClaimsContext) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator)

Example 5 with OAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2TokenEndpointConfigurer method createDefaultAuthenticationProviders.

private <B extends HttpSecurityBuilder<B>> List<AuthenticationProvider> createDefaultAuthenticationProviders(B builder) {
    List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
    OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(builder);
    OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator = OAuth2ConfigurerUtils.getTokenGenerator(builder);
    OAuth2AuthorizationCodeAuthenticationProvider authorizationCodeAuthenticationProvider = new OAuth2AuthorizationCodeAuthenticationProvider(authorizationService, tokenGenerator);
    authenticationProviders.add(authorizationCodeAuthenticationProvider);
    OAuth2RefreshTokenAuthenticationProvider refreshTokenAuthenticationProvider = new OAuth2RefreshTokenAuthenticationProvider(authorizationService, tokenGenerator);
    authenticationProviders.add(refreshTokenAuthenticationProvider);
    OAuth2ClientCredentialsAuthenticationProvider clientCredentialsAuthenticationProvider = new OAuth2ClientCredentialsAuthenticationProvider(authorizationService, tokenGenerator);
    authenticationProviders.add(clientCredentialsAuthenticationProvider);
    return authenticationProviders;
}
Also used : OAuth2AuthorizationCodeAuthenticationProvider(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider) OAuth2ClientCredentialsAuthenticationProvider(org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationProvider) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) OAuth2RefreshTokenAuthenticationProvider(org.springframework.security.oauth2.server.authorization.authentication.OAuth2RefreshTokenAuthenticationProvider) OAuth2AuthorizationCodeAuthenticationProvider(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider) OAuth2ClientCredentialsAuthenticationProvider(org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationProvider) ArrayList(java.util.ArrayList) OAuth2RefreshTokenAuthenticationProvider(org.springframework.security.oauth2.server.authorization.authentication.OAuth2RefreshTokenAuthenticationProvider)

Aggregations

OAuth2AuthorizationService (org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService)6 OAuth2TokenGenerator (org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator)6 Before (org.junit.Before)5 OAuth2Token (org.springframework.security.oauth2.core.OAuth2Token)5 JwtGenerator (org.springframework.security.oauth2.server.authorization.JwtGenerator)5 ProviderContext (org.springframework.security.oauth2.server.authorization.context.ProviderContext)5 JwtEncoder (org.springframework.security.oauth2.jwt.JwtEncoder)4 DelegatingOAuth2TokenGenerator (org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator)4 OAuth2AccessTokenGenerator (org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator)4 OAuth2TokenContext (org.springframework.security.oauth2.server.authorization.OAuth2TokenContext)4 ProviderSettings (org.springframework.security.oauth2.server.authorization.config.ProviderSettings)4 Test (org.junit.Test)3 OAuth2RefreshTokenGenerator (org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator)3 OAuth2TokenCustomizer (org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer)3 RegisteredClientRepository (org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository)2 Principal (java.security.Principal)1 ArrayList (java.util.ArrayList)1 Collections (java.util.Collections)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial