Example 21 with BearerTokenAuthenticationToken

Use of org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken in project spring-security by spring-projects.

From the class OpaqueTokenReactiveAuthenticationManagerTests, method authenticateWhenIntrospectionEndpointThrowsExceptionThenInvalidToken.

@Test
public void authenticateWhenIntrospectionEndpointThrowsExceptionThenInvalidToken() {
    // Stub the introspector so that every introspection call fails with an
    // OAuth2IntrospectionException; the message deliberately contains quote characters
    ReactiveOpaqueTokenIntrospector introspector = mock(ReactiveOpaqueTokenIntrospector.class);
    given(introspector.introspect(any())).willReturn(Mono.error(new OAuth2IntrospectionException("with \"invalid\" chars")));
    OpaqueTokenReactiveAuthenticationManager provider = new OpaqueTokenReactiveAuthenticationManager(introspector);
    // A failure of the introspection endpoint itself is an infrastructure error, not a bad
    // credential: the manager is expected to surface it as an AuthenticationServiceException
    assertThatExceptionOfType(AuthenticationServiceException.class).isThrownBy(() -> provider.authenticate(new BearerTokenAuthenticationToken("token")).block());
}
Also used : OAuth2IntrospectionException(org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException) ReactiveOpaqueTokenIntrospector(org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenIntrospector) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) Test(org.junit.jupiter.api.Test)

Example 22 with BearerTokenAuthenticationToken

Use of org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken in project spring-security by spring-projects.

From the class JwtAuthenticationProviderTests, method authenticateWhenDecoderFailsGenericallyThenThrowsGenericException.

// gh-7785
@Test
public void authenticateWhenDecoderFailsGenericallyThenThrowsGenericException() {
    BearerTokenAuthenticationToken token = this.authentication();
    // Simulate a generic decoder failure (JWK set unavailable) rather than a malformed or
    // invalid JWT, which would be a BadJwtException
    given(this.jwtDecoder.decode(token.getToken())).willThrow(new JwtException("no jwk set"));
    // @formatter:off
    // A server-side decoding problem must not be reported as an OAuth2AuthenticationException,
    // which would present the failure to the client as a problem with its bearer token
    assertThatExceptionOfType(AuthenticationException.class)
        .isThrownBy(() -> this.provider.authenticate(token))
        .isNotInstanceOf(OAuth2AuthenticationException.class);
    // @formatter:on
}
Also used : JwtException(org.springframework.security.oauth2.jwt.JwtException) BadJwtException(org.springframework.security.oauth2.jwt.BadJwtException) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 23 with BearerTokenAuthenticationToken

Use of org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken in project spring-security by spring-projects.

From the class BearerTokenAuthenticationFilter, method doFilterInternal.

/**
 * Extract any
 * <a href="https://tools.ietf.org/html/rfc6750#section-1.2" target="_blank">Bearer
 * Token</a> from the request and attempt an authentication.
 * @param request
 * @param response
 * @param filterChain
 * @throws ServletException
 * @throws IOException
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    String token;
    try {
        token = this.bearerTokenResolver.resolve(request);
    } catch (OAuth2AuthenticationException invalid) {
        // A token was present but could not be resolved (for example a malformed
        // Authorization header): reject the request via the entry point without
        // continuing down the filter chain
        this.logger.trace("Sending to authentication entry point since failed to resolve bearer token", invalid);
        this.authenticationEntryPoint.commence(request, response, invalid);
        return;
    }
    if (token == null) {
        // No bearer token at all: this filter does not apply, let later filters and
        // authorization rules decide what to do with the unauthenticated request
        this.logger.trace("Did not process request since did not find bearer token");
        filterChain.doFilter(request, response);
        return;
    }
    // Wrap the raw token in an unauthenticated Authentication request
    BearerTokenAuthenticationToken authenticationRequest = new BearerTokenAuthenticationToken(token);
    authenticationRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
    try {
        // The AuthenticationManager may be chosen per request (e.g. multi-tenant setups)
        AuthenticationManager authenticationManager = this.authenticationManagerResolver.resolve(request);
        Authentication authenticationResult = authenticationManager.authenticate(authenticationRequest);
        // Publish the authenticated principal in a fresh SecurityContext for the rest of the chain
        SecurityContext context = SecurityContextHolder.createEmptyContext();
        context.setAuthentication(authenticationResult);
        SecurityContextHolder.setContext(context);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug(LogMessage.format("Set SecurityContextHolder to %s", authenticationResult));
        }
        filterChain.doFilter(request, response);
    } catch (AuthenticationException failed) {
        // Never leave a partially populated context behind on failure
        SecurityContextHolder.clearContext();
        this.logger.trace("Failed to process authentication request", failed);
        this.authenticationFailureHandler.onAuthenticationFailure(request, response, failed);
    }
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) AuthenticationException(org.springframework.security.core.AuthenticationException) Authentication(org.springframework.security.core.Authentication) SecurityContext(org.springframework.security.core.context.SecurityContext) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken)

Aggregations

BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken)23 Test (org.junit.jupiter.api.Test)18 Authentication (org.springframework.security.core.Authentication)8 OAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal)5 BadJwtException (org.springframework.security.oauth2.jwt.BadJwtException)5 AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)3 Jwt (org.springframework.security.oauth2.jwt.Jwt)3 OpaqueTokenIntrospector (org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector)3 ReactiveOpaqueTokenIntrospector (org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenIntrospector)3 URL (java.net.URL)2 AbstractAuthenticationToken (org.springframework.security.authentication.AbstractAuthenticationToken)2 AuthenticationException (org.springframework.security.core.AuthenticationException)2 OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException)2 JwtException (org.springframework.security.oauth2.jwt.JwtException)2 OAuth2IntrospectionAuthenticatedPrincipal (org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal)2 OAuth2IntrospectionException (org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException)2 HttpModuleAuthentication (com.evolveum.midpoint.authentication.impl.module.authentication.HttpModuleAuthentication)1 MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal)1 JWSHeader (com.nimbusds.jose.JWSHeader)1 JWSObject (com.nimbusds.jose.JWSObject)1