Example 16 with BearerTokenAuthenticationToken

Use of org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken in project spring-security by spring-projects.

Class BearerPayloadExchangeConverter, method convert.

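@Override
public Mono<Authentication> convert(PayloadExchange exchange) {
    // RSocket carries credentials in the payload's composite metadata
    ByteBuf metadata = exchange.getPayload().metadata();
    // false = do not retain the metadata slices
    CompositeMetadata compositeMetadata = new CompositeMetadata(metadata, false);
    for (CompositeMetadata.Entry entry : compositeMetadata) {
        // Only the entry tagged with the bearer-authentication MIME type is read
        if (BEARER_MIME_TYPE_VALUE.equals(entry.getMimeType())) {
            ByteBuf content = entry.getContent();
            String token = content.toString(StandardCharsets.UTF_8);
            // The token is only wrapped here, still unauthenticated;
            // validation is left to the authentication manager
            return Mono.just(new BearerTokenAuthenticationToken(token));
        }
    }
    // No bearer entry in the metadata: nothing to authenticate
    return Mono.empty();
}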
Also used: CompositeMetadata (io.rsocket.metadata.CompositeMetadata), ByteBuf (io.netty.buffer.ByteBuf), BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken)

Example 17 with BearerTokenAuthenticationToken

Use of org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken in project spring-security by spring-projects.

Class JwtIssuerReactiveAuthenticationManagerResolverTests, method resolveWhenUsingTrustedIssuerThenReturnsAuthenticationManager.

@Test
public void resolveWhenUsingTrustedIssuerThenReturnsAuthenticationManager() throws Exception {
    try (MockWebServer server = new MockWebServer()) {
        String issuer = server.url("").toString();
        server.enqueue(new MockResponse().setResponseCode(200).setHeader("Content-Type", "application/json").setBody(String.format(DEFAULT_RESPONSE_TEMPLATE, issuer, issuer)));
        server.enqueue(new MockResponse().setResponseCode(200).setHeader("Content-Type", "application/json").setBody(JWK_SET));
        server.enqueue(new MockResponse().setResponseCode(200).setHeader("Content-Type", "application/json").setBody(JWK_SET));
        JWSObject jws = new JWSObject(new JWSHeader(JWSAlgorithm.RS256), new Payload(new JSONObject(Collections.singletonMap(JwtClaimNames.ISS, issuer))));
        jws.sign(new RSASSASigner(TestKeys.DEFAULT_PRIVATE_KEY));
        JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver = new JwtIssuerReactiveAuthenticationManagerResolver(issuer);
        ReactiveAuthenticationManager authenticationManager = authenticationManagerResolver.resolve(null).block();
        assertThat(authenticationManager).isNotNull();
        BearerTokenAuthenticationToken token = withBearerToken(jws.serialize());
        Authentication authentication = authenticationManager.authenticate(token).block();
        assertThat(authentication).isNotNull();
        assertThat(authentication.isAuthenticated()).isTrue();
    }
}
Also used: MockResponse (okhttp3.mockwebserver.MockResponse), ReactiveAuthenticationManager (org.springframework.security.authentication.ReactiveAuthenticationManager), JSONObject (net.minidev.json.JSONObject), Authentication (org.springframework.security.core.Authentication), MockWebServer (okhttp3.mockwebserver.MockWebServer), RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner), Payload (com.nimbusds.jose.Payload), JWSObject (com.nimbusds.jose.JWSObject), BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken), JWSHeader (com.nimbusds.jose.JWSHeader), Test (org.junit.jupiter.api.Test)

Example 18 with BearerTokenAuthenticationToken

Use of org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken in project spring-security by spring-projects.

Class OpaqueTokenAuthenticationProviderTests, method authenticateWhenMissingScopeAttributeThenNoAuthorities.

@Test
public void authenticateWhenMissingScopeAttributeThenNoAuthorities() {
    OAuth2AuthenticatedPrincipal principal = new OAuth2IntrospectionAuthenticatedPrincipal(Collections.singletonMap("claim", "value"), null);
    OpaqueTokenIntrospector introspector = mock(OpaqueTokenIntrospector.class);
    given(introspector.introspect(any())).willReturn(principal);
    OpaqueTokenAuthenticationProvider provider = new OpaqueTokenAuthenticationProvider(introspector);
    Authentication result = provider.authenticate(new BearerTokenAuthenticationToken("token"));
    assertThat(result.getPrincipal()).isInstanceOf(OAuth2AuthenticatedPrincipal.class);
    Map<String, Object> attributes = ((OAuth2AuthenticatedPrincipal) result.getPrincipal()).getAttributes();
    // @formatter:off
    assertThat(attributes).isNotNull().doesNotContainKey(OAuth2TokenIntrospectionClaimNames.SCOPE);
    // @formatter:on
    assertThat(result.getAuthorities()).isEmpty();
}
Also used: OpaqueTokenIntrospector (org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector), OAuth2IntrospectionAuthenticatedPrincipal (org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal), OAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal), Authentication (org.springframework.security.core.Authentication), BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken), Test (org.junit.jupiter.api.Test)

Example 19 with BearerTokenAuthenticationToken

Use of org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken in project spring-security by spring-projects.

Class OpaqueTokenAuthenticationProviderTests, method authenticateWhenActiveTokenThenOk.

@Test
public void authenticateWhenActiveTokenThenOk() throws Exception {
    OAuth2AuthenticatedPrincipal principal = TestOAuth2AuthenticatedPrincipals.active((attributes) -> attributes.put("extension_field", "twenty-seven"));
    OpaqueTokenIntrospector introspector = mock(OpaqueTokenIntrospector.class);
    given(introspector.introspect(any())).willReturn(principal);
    OpaqueTokenAuthenticationProvider provider = new OpaqueTokenAuthenticationProvider(introspector);
    Authentication result = provider.authenticate(new BearerTokenAuthenticationToken("token"));
    assertThat(result.getPrincipal()).isInstanceOf(OAuth2IntrospectionAuthenticatedPrincipal.class);
    Map<String, Object> attributes = ((OAuth2AuthenticatedPrincipal) result.getPrincipal()).getAttributes();
    // @formatter:off
    assertThat(attributes).isNotNull()
            .containsEntry(OAuth2TokenIntrospectionClaimNames.ACTIVE, true)
            .containsEntry(OAuth2TokenIntrospectionClaimNames.AUD, Arrays.asList("https://protected.example.net/resource"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.CLIENT_ID, "l238j323ds-23ij4")
            .containsEntry(OAuth2TokenIntrospectionClaimNames.EXP, Instant.ofEpochSecond(1419356238))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.ISS, new URL("https://server.example.com/"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.NBF, Instant.ofEpochSecond(29348723984L))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.SCOPE, Arrays.asList("read", "write", "dolphin"))
            .containsEntry(OAuth2TokenIntrospectionClaimNames.SUB, "Z5O3upPC88QrAjx00dis")
            .containsEntry(OAuth2TokenIntrospectionClaimNames.USERNAME, "jdoe")
            .containsEntry("extension_field", "twenty-seven");
    assertThat(result.getAuthorities()).extracting("authority")
            .containsExactly("SCOPE_read", "SCOPE_write", "SCOPE_dolphin");
    // @formatter:on
}
Also used: OpaqueTokenIntrospector (org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector), OAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal), Authentication (org.springframework.security.core.Authentication), BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken), URL (java.net.URL), Test (org.junit.jupiter.api.Test)

Example 20 with BearerTokenAuthenticationToken

Use of org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken in project spring-security by spring-projects.

Class OpaqueTokenReactiveAuthenticationManagerTests, method authenticateWhenMissingScopeAttributeThenNoAuthorities.

@Test
public void authenticateWhenMissingScopeAttributeThenNoAuthorities() {
    OAuth2AuthenticatedPrincipal authority = new OAuth2IntrospectionAuthenticatedPrincipal(Collections.singletonMap("claim", "value"), null);
    ReactiveOpaqueTokenIntrospector introspector = mock(ReactiveOpaqueTokenIntrospector.class);
    given(introspector.introspect(any())).willReturn(Mono.just(authority));
    OpaqueTokenReactiveAuthenticationManager provider = new OpaqueTokenReactiveAuthenticationManager(introspector);
    Authentication result = provider.authenticate(new BearerTokenAuthenticationToken("token")).block();
    assertThat(result.getPrincipal()).isInstanceOf(OAuth2IntrospectionAuthenticatedPrincipal.class);
    Map<String, Object> attributes = ((OAuth2AuthenticatedPrincipal) result.getPrincipal()).getAttributes();
    assertThat(attributes).isNotNull().doesNotContainKey(OAuth2TokenIntrospectionClaimNames.SCOPE);
    assertThat(result.getAuthorities()).isEmpty();
}
Also used: OAuth2IntrospectionAuthenticatedPrincipal (org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal), OAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal), Authentication (org.springframework.security.core.Authentication), ReactiveOpaqueTokenIntrospector (org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenIntrospector), BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken), Test (org.junit.jupiter.api.Test)
