Example 16 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class ServerBearerTokenAuthenticationConverterTests method resolveWhenQueryParameterHasMultipleAccessTokensThenOAuth2AuthenticationException.

@Test
void resolveWhenQueryParameterHasMultipleAccessTokensThenOAuth2AuthenticationException() {
    MockServerHttpRequest.BaseBuilder<?> request = MockServerHttpRequest.get("/").queryParam("access_token", TEST_TOKEN, TEST_TOKEN);
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> convertToToken(request)).satisfies((ex) -> {
        BearerTokenError error = (BearerTokenError) ex.getError();
        assertThat(error.getErrorCode()).isEqualTo(BearerTokenErrorCodes.INVALID_REQUEST);
        assertThat(error.getUri()).isEqualTo("https://tools.ietf.org/html/rfc6750#section-3.1");
        assertThat(error.getHttpStatus()).isEqualTo(HttpStatus.BAD_REQUEST);
    });
}
Also used : MockServerHttpRequest(org.springframework.mock.http.server.reactive.MockServerHttpRequest) BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) Test(org.junit.jupiter.api.Test)

Example 17 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class ServerBearerTokenAuthenticationConverterTests method resolveWhenQueryParameterIsEmptyAndSupportedThenOAuth2AuthenticationException.

// gh-7011
@Test
public void resolveWhenQueryParameterIsEmptyAndSupportedThenOAuth2AuthenticationException() {
    this.converter.setAllowUriQueryParameter(true);
    // @formatter:off
    MockServerHttpRequest.BaseBuilder<?> request = MockServerHttpRequest.get("/").queryParam("access_token", "");
    assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> convertToToken(request)).satisfies((ex) -> {
        BearerTokenError error = (BearerTokenError) ex.getError();
        assertThat(error.getErrorCode()).isEqualTo(BearerTokenErrorCodes.INVALID_TOKEN);
        assertThat(error.getUri()).isEqualTo("https://tools.ietf.org/html/rfc6750#section-3.1");
        assertThat(error.getHttpStatus()).isEqualTo(HttpStatus.UNAUTHORIZED);
    });
    // @formatter:on
}
Also used : MockServerHttpRequest(org.springframework.mock.http.server.reactive.MockServerHttpRequest) BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) Test(org.junit.jupiter.api.Test)

Example 18 with BearerTokenError

use of com.nimbusds.oauth2.sdk.token.BearerTokenError in project spring-security by spring-projects.

the class OAuth2ErrorResponseErrorHandler method readErrorFromWwwAuthenticate.

private OAuth2Error readErrorFromWwwAuthenticate(HttpHeaders headers) {
    // Only the first WWW-Authenticate header value is inspected.
    String wwwAuthenticateHeader = headers.getFirst(HttpHeaders.WWW_AUTHENTICATE);
    if (!StringUtils.hasText(wwwAuthenticateHeader)) {
        // Header absent or blank: there is no error to read from it.
        return null;
    }
    BearerTokenError bearerTokenError = getBearerToken(wwwAuthenticateHeader);
    if (bearerTokenError == null) {
        // Header present but no bearer error obtained from it: report a generic server_error.
        return new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, null, null);
    }
    // Map the Nimbus BearerTokenError onto Spring Security's OAuth2Error, defaulting a missing code to server_error.
    String errorCode = (bearerTokenError.getCode() != null) ? bearerTokenError.getCode() : OAuth2ErrorCodes.SERVER_ERROR;
    String errorDescription = bearerTokenError.getDescription();
    String errorUri = (bearerTokenError.getURI() != null) ? bearerTokenError.getURI().toString() : null;
    return new OAuth2Error(errorCode, errorDescription, errorUri);
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) BearerTokenError(com.nimbusds.oauth2.sdk.token.BearerTokenError)

Example 19 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class BearerTokenAuthenticationFilterTests method doFilterWhenAuthenticationFailsWithDefaultHandlerThenPropagatesError.

@Test
public void doFilterWhenAuthenticationFailsWithDefaultHandlerThenPropagatesError() throws ServletException, IOException {
    BearerTokenError error = new BearerTokenError(BearerTokenErrorCodes.INVALID_TOKEN, HttpStatus.UNAUTHORIZED, "description", "uri");
    OAuth2AuthenticationException exception = new OAuth2AuthenticationException(error);
    given(this.bearerTokenResolver.resolve(this.request)).willReturn("token");
    given(this.authenticationManager.authenticate(any(BearerTokenAuthenticationToken.class))).willThrow(exception);
    BearerTokenAuthenticationFilter filter = addMocks(new BearerTokenAuthenticationFilter(this.authenticationManager));
    filter.doFilter(this.request, this.response, this.filterChain);
    verify(this.authenticationEntryPoint).commence(this.request, this.response, exception);
}
Also used : BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 20 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class BearerTokenAuthenticationFilterTests method doFilterWhenMalformedBearerTokenThenPropagatesError.

@Test
public void doFilterWhenMalformedBearerTokenThenPropagatesError() throws ServletException, IOException {
    BearerTokenError error = new BearerTokenError(BearerTokenErrorCodes.INVALID_REQUEST, HttpStatus.BAD_REQUEST, "description", "uri");
    OAuth2AuthenticationException exception = new OAuth2AuthenticationException(error);
    given(this.bearerTokenResolver.resolve(this.request)).willThrow(exception);
    dontAuthenticate();
    verify(this.authenticationEntryPoint).commence(this.request, this.response, exception);
}
Also used : BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) Test(org.junit.jupiter.api.Test)

Aggregations

BearerTokenError (org.springframework.security.oauth2.server.resource.BearerTokenError): 24
OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException): 20
Test (org.junit.jupiter.api.Test): 14
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 7
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 7
OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error): 6
LinkedHashMap (java.util.LinkedHashMap): 3
MockServerHttpRequest (org.springframework.mock.http.server.reactive.MockServerHttpRequest): 3
Matcher (java.util.regex.Matcher): 2
HttpStatus (org.springframework.http.HttpStatus): 2
BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken): 2
BearerTokenError (com.nimbusds.oauth2.sdk.token.BearerTokenError): 1
ExceptionHandler (org.springframework.web.bind.annotation.ExceptionHandler): 1
ResponseBody (org.springframework.web.bind.annotation.ResponseBody): 1