
Example 1 with BearerTokenAuthentication

use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

From class JwtBearerTokenAuthenticationConverterTests, method convertWhenJwtWithScopeAttributeThenBearerTokenAuthentication:

@Test
public void convertWhenJwtWithScopeAttributeThenBearerTokenAuthentication() {
    // @formatter:off
    // "scope" carried as one space-delimited string (the RFC 6749 form).
    // Jwt.Builder rejects an empty header map, hence the placeholder header.
    Jwt jwt = Jwt.withTokenValue("token-value")
            .claim("scope", "message:read message:write")
            .header("header", "value")
            .build();
    // @formatter:on
    AbstractAuthenticationToken token = this.converter.convert(jwt);
    assertThat(token).isInstanceOf(BearerTokenAuthentication.class);
    BearerTokenAuthentication bearerToken = (BearerTokenAuthentication) token;
    // Each scope becomes a GrantedAuthority with the default "SCOPE_" prefix, order preserved.
    assertThat(bearerToken.getAuthorities())
            .containsExactly(new SimpleGrantedAuthority("SCOPE_message:read"),
                    new SimpleGrantedAuthority("SCOPE_message:write"));
}
Also used : AbstractAuthenticationToken(org.springframework.security.authentication.AbstractAuthenticationToken) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) Jwt(org.springframework.security.oauth2.jwt.Jwt) Test(org.junit.jupiter.api.Test)

Example 2 with BearerTokenAuthentication

use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

From class JwtBearerTokenAuthenticationConverterTests, method convertWhenJwtWithScpAttributeThenBearerTokenAuthentication:

@Test
public void convertWhenJwtWithScpAttributeThenBearerTokenAuthentication() {
    // @formatter:off
    // Same scopes, but in the "scp" claim as a JSON array; both shapes must map identically.
    Jwt jwt = Jwt.withTokenValue("token-value")
            .claim("scp", Arrays.asList("message:read", "message:write"))
            .header("header", "value")
            .build();
    // @formatter:on
    AbstractAuthenticationToken token = this.converter.convert(jwt);
    assertThat(token).isInstanceOf(BearerTokenAuthentication.class);
    BearerTokenAuthentication bearerToken = (BearerTokenAuthentication) token;
    assertThat(bearerToken.getAuthorities())
            .containsExactly(new SimpleGrantedAuthority("SCOPE_message:read"),
                    new SimpleGrantedAuthority("SCOPE_message:write"));
}
Also used : AbstractAuthenticationToken(org.springframework.security.authentication.AbstractAuthenticationToken) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) Jwt(org.springframework.security.oauth2.jwt.Jwt) Test(org.junit.jupiter.api.Test)
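The two tests above pin down the contract a resource server relies on: whether the authorization server sends a space-delimited "scope" string or an "scp" array, every scope ends up as a GrantedAuthority named "SCOPE_<scope>", which is what hasAuthority("SCOPE_message:read") rules match against. The following is an added example and not code from the spring-security project. It shows how that mapping is configured on the non-deprecated JwtAuthenticationConverter, and additionally merges in a hypothetical application-specific "roles" claim with a "ROLE_" prefix; the token value, the "roles" claim name and the claim contents are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;

import org.springframework.core.convert.converter.Converter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;

public class ScopeAuthorityMappingExample {

    // Hypothetical application claim carrying roles; not a standard OAuth 2.0 or OIDC claim.
    private static final String ROLES_CLAIM = "roles";

    /**
     * Builds the converter a resource server would register via
     * oauth2ResourceServer().jwt().jwtAuthenticationConverter(...).
     * Scopes keep the default "SCOPE_" prefix so that existing
     * hasAuthority("SCOPE_message:read") rules keep matching after the change.
     */
    static JwtAuthenticationConverter jwtAuthenticationConverter() {
        // Defaults stated explicitly: prefix "SCOPE_", claim "scope" first, then "scp".
        JwtGrantedAuthoritiesConverter scopes = new JwtGrantedAuthoritiesConverter();
        scopes.setAuthorityPrefix("SCOPE_");

        // Second converter reads the application's own claim and prefixes it with "ROLE_"
        // so that hasRole("admin") works alongside the scope checks.
        JwtGrantedAuthoritiesConverter roles = new JwtGrantedAuthoritiesConverter();
        roles.setAuthorityPrefix("ROLE_");
        roles.setAuthoritiesClaimName(ROLES_CLAIM);

        // Merge both: a missing claim simply contributes no authorities.
        Converter<Jwt, Collection<GrantedAuthority>> merged = jwt -> {
            List<GrantedAuthority> authorities = new ArrayList<>(scopes.convert(jwt));
            authorities.addAll(roles.convert(jwt));
            return authorities;
        };

        JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
        converter.setJwtGrantedAuthoritiesConverter(merged);
        return converter;
    }

    public static void main(String[] args) {
        // Constructed token for illustration. In production a Jwt only ever comes out of a
        // JwtDecoder, i.e. after signature, issuer and expiry validation; never build one
        // from an untrusted token value with Jwt.withTokenValue.
        Jwt jwt = Jwt.withTokenValue("token-value")
                .header("alg", "RS256")
                .subject("harris")
                .claim("scope", "message:read message:write")
                .claim(ROLES_CLAIM, Arrays.asList("admin"))
                .build();

        AbstractAuthenticationToken authentication = jwtAuthenticationConverter().convert(jwt);
        System.out.println("principal: " + authentication.getName());
        for (GrantedAuthority authority : authentication.getAuthorities()) {
            System.out.println("authority: " + authority.getAuthority());
        }
    }
}
```

Because JwtGrantedAuthoritiesConverter stops at the first well-known claim it finds, a token that carries both "scope" and "scp" only contributes the "scope" values; if an authorization server emits both, pin the claim with setAuthoritiesClaimName rather than relying on that ordering.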

Example 3 with BearerTokenAuthentication

use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

From class BearerTokenAuthenticationTests, method constructorWhenPassingAllAttributesThenTokenIsAuthenticated:

@Test
public void constructorWhenPassingAllAttributesThenTokenIsAuthenticated() {
    OAuth2AuthenticatedPrincipal principal = new DefaultOAuth2AuthenticatedPrincipal("harris",
            Collections.singletonMap("claim", "value"), null);
    // The constructor always produces an authenticated token, even with null authorities:
    // validation is the caller's job (JwtDecoder or token introspection), not this class's.
    BearerTokenAuthentication authenticated = new BearerTokenAuthentication(principal, this.token, null);
    assertThat(authenticated.isAuthenticated()).isTrue();
}
Also used : OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) DefaultOAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal) Test(org.junit.jupiter.api.Test)
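The test above is the important property of BearerTokenAuthentication from a security standpoint: its constructor sets authenticated=true unconditionally, so whoever constructs one is asserting that the token has already been validated. The following is an added example, not spring-security's own code, showing the construction the way an introspection-based flow does it: the introspection response is checked for active=true, the "scope" attribute is turned into "SCOPE_" authorities, and the access token's lifetime is taken from "iat"/"exp". The introspection response is constructed inline for illustration; real responses come from the authorization server's introspection endpoint.

```java
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames;
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;

public class IntrospectionToAuthenticationExample {

    /**
     * Turns an introspection response (RFC 7662 attributes) into the Authentication a
     * resource server places in the SecurityContext. Because the constructor marks the
     * result authenticated, an inactive response must be rejected here, before construction.
     */
    static BearerTokenAuthentication fromIntrospection(String tokenValue, Map<String, Object> attributes) {
        Object active = attributes.get(OAuth2TokenIntrospectionClaimNames.ACTIVE);
        if (!Boolean.TRUE.equals(active)) {
            throw new IllegalStateException("refusing to authenticate: introspection reported active=false");
        }
        Collection<GrantedAuthority> authorities = scopesToAuthorities(
                attributes.get(OAuth2TokenIntrospectionClaimNames.SCOPE));
        // "iat"/"exp" are assumed to already be Instants, as Spring's introspectors deliver them.
        Instant issuedAt = (Instant) attributes.get(OAuth2TokenIntrospectionClaimNames.IAT);
        Instant expiresAt = (Instant) attributes.get(OAuth2TokenIntrospectionClaimNames.EXP);
        OAuth2AccessToken token = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
                tokenValue, issuedAt, expiresAt);
        // Name is taken from the "sub" attribute by the two-argument constructor.
        OAuth2AuthenticatedPrincipal principal = new DefaultOAuth2AuthenticatedPrincipal(attributes, authorities);
        return new BearerTokenAuthentication(principal, token, authorities);
    }

    /** Accepts the space-delimited string form and the list form, mirroring the two JWT cases. */
    static Collection<GrantedAuthority> scopesToAuthorities(Object scope) {
        if (scope == null) {
            return Collections.emptyList();
        }
        List<String> scopes = new ArrayList<>();
        if (scope instanceof Collection) {
            for (Object s : (Collection<?>) scope) {
                scopes.add(String.valueOf(s));
            }
        } else {
            for (String s : scope.toString().trim().split("\\s+")) {
                if (!s.isEmpty()) {
                    scopes.add(s);
                }
            }
        }
        List<GrantedAuthority> authorities = new ArrayList<>();
        for (String s : scopes) {
            authorities.add(new SimpleGrantedAuthority("SCOPE_" + s));
        }
        return authorities;
    }

    public static void main(String[] args) {
        // Constructed introspection response for illustration.
        Map<String, Object> attributes = new HashMap<>();
        attributes.put(OAuth2TokenIntrospectionClaimNames.ACTIVE, true);
        attributes.put(OAuth2TokenIntrospectionClaimNames.SUB, "harris");
        attributes.put(OAuth2TokenIntrospectionClaimNames.SCOPE, "message:read message:write");
        attributes.put(OAuth2TokenIntrospectionClaimNames.IAT, Instant.now());
        attributes.put(OAuth2TokenIntrospectionClaimNames.EXP, Instant.now().plusSeconds(300));

        BearerTokenAuthentication authentication = fromIntrospection("opaque-token-value", attributes);
        System.out.println(authentication.getName() + " authenticated=" + authentication.isAuthenticated());
        System.out.println("authorities: " + authentication.getAuthorities());
        // getTokenAttributes() exposes the full introspection response, e.g. for audit logging.
        System.out.println("sub attribute: "
                + authentication.getTokenAttributes().get(OAuth2TokenIntrospectionClaimNames.SUB));
        System.out.println("expires at: " + authentication.getToken().getExpiresAt());
    }
}
```

The active check is deliberately placed in this code rather than trusted to the caller: Spring's own OpaqueTokenAuthenticationProvider does the equivalent (its introspector throws on an inactive token), and a custom converter that skips it would authenticate revoked tokens.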

Example 4 with BearerTokenAuthentication

use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

From class SecurityMockServerConfigurerOpaqueTokenTests, method mockOpaqueTokenWhenPrincipalSpecifiedThenLastCalledTakesPrecedence:

@Test
public void mockOpaqueTokenWhenPrincipalSpecifiedThenLastCalledTakesPrecedence() {
    OAuth2AuthenticatedPrincipal principal = TestOAuth2AuthenticatedPrincipals.active((a) -> a.put("scope", "user"));
    // attributes(...) then principal(...): the principal, applied last, supplies "sub".
    this.client.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()
            .attributes((a) -> a.put(OAuth2TokenIntrospectionClaimNames.SUB, "foo"))
            .principal(principal))
            .get().exchange().expectStatus().isOk();
    SecurityContext context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
    BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
    assertThat((String) ((OAuth2AuthenticatedPrincipal) token.getPrincipal())
            .getAttribute(OAuth2TokenIntrospectionClaimNames.SUB))
            .isEqualTo(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.SUB));
    // principal(...) then attributes(...): the attributes, applied last, override "sub" with "bar".
    this.client.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()
            .principal(principal)
            .attributes((a) -> a.put(OAuth2TokenIntrospectionClaimNames.SUB, "bar")))
            .get().exchange().expectStatus().isOk();
    context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
    token = (BearerTokenAuthentication) context.getAuthentication();
    assertThat((String) ((OAuth2AuthenticatedPrincipal) token.getPrincipal())
            .getAttribute(OAuth2TokenIntrospectionClaimNames.SUB))
            .isEqualTo("bar");
}
Also used : MockitoExtension(org.mockito.junit.jupiter.MockitoExtension) BearerTokenAuthentication(org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) HttpHeaders(org.springframework.http.HttpHeaders) CurrentSecurityContextArgumentResolver(org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver) MediaType(org.springframework.http.MediaType) OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) TestOAuth2AuthenticatedPrincipals(org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OAuth2TokenIntrospectionClaimNames(org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames) Test(org.junit.jupiter.api.Test) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) List(java.util.List) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SecurityContext(org.springframework.security.core.context.SecurityContext) SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) ReactiveAdapterRegistry(org.springframework.core.ReactiveAdapterRegistry)

Example 5 with BearerTokenAuthentication

use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

From class SecurityMockServerConfigurerOpaqueTokenTests, method mockOpaqueTokenWhenUsingDefaultsThenBearerTokenAuthentication:

@Test
public void mockOpaqueTokenWhenUsingDefaultsThenBearerTokenAuthentication() {
    // No introspection happens: the mutator installs a ready-made BearerTokenAuthentication.
    this.client.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()).get().exchange().expectStatus().isOk();
    SecurityContext context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
    BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
    // Defaults: a non-empty scope-derived authority set, a bearer token, and sub="user".
    assertThat(token.getAuthorities()).isNotEmpty();
    assertThat(token.getToken()).isNotNull();
    assertThat(token.getTokenAttributes().get(OAuth2TokenIntrospectionClaimNames.SUB)).isEqualTo("user");
}
Also used : SecurityContext(org.springframework.security.core.context.SecurityContext) BearerTokenAuthentication(org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) Test(org.junit.jupiter.api.Test)
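Examples 4 and 5 exercise the test-support mutator itself; what a practitioner needs from it is a way to prove that an endpoint's authorization rule holds without contacting an introspection endpoint. The following is an added example and not code from the spring-security project. It is a Spring Boot WebFlux slice test with a hypothetical MessagesController and SecurityConfig, both defined inline and assumed for illustration; the ReactiveOpaqueTokenIntrospector is mocked only so that the security configuration can be built, since mockOpaqueToken() never calls it.

```java
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOpaqueToken;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.reactive.WebFluxTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenIntrospector;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.test.web.reactive.server.WebTestClient;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import reactor.core.publisher.Flux;

// Hypothetical slice test; controller and security configuration are assumed, not the project's.
@WebFluxTest(controllers = MessagesControllerAuthorizationTests.MessagesController.class)
@Import(MessagesControllerAuthorizationTests.SecurityConfig.class)
class MessagesControllerAuthorizationTests {

    @Autowired
    WebTestClient client;

    // Never invoked: mockOpaqueToken() installs the Authentication directly.
    @MockBean
    ReactiveOpaqueTokenIntrospector introspector;

    @Test
    void readScopeCanListMessages() {
        this.client.mutateWith(mockOpaqueToken()
                .authorities(new SimpleGrantedAuthority("SCOPE_message:read")))
                .get().uri("/messages").exchange()
                .expectStatus().isOk();
    }

    @Test
    void writeOnlyScopeIsForbidden() {
        // Authenticated, but without the authority the rule demands: 403, not 401.
        this.client.mutateWith(mockOpaqueToken()
                .authorities(new SimpleGrantedAuthority("SCOPE_message:write")))
                .get().uri("/messages").exchange()
                .expectStatus().isForbidden();
    }

    @Test
    void noTokenIsUnauthorized() {
        // No mutator at all: the resource server challenges with 401 and WWW-Authenticate: Bearer.
        this.client.get().uri("/messages").exchange()
                .expectStatus().isUnauthorized();
    }

    @RestController
    static class MessagesController {
        @GetMapping("/messages")
        Flux<String> messages() {
            return Flux.just("hello");
        }
    }

    @Configuration
    @EnableWebFluxSecurity
    static class SecurityConfig {
        @Bean
        SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http,
                ReactiveOpaqueTokenIntrospector introspector) {
            http.authorizeExchange((exchanges) -> exchanges
                            .pathMatchers("/messages").hasAuthority("SCOPE_message:read")
                            .anyExchange().authenticated())
                    .oauth2ResourceServer((resourceServer) -> resourceServer
                            .opaqueToken((opaque) -> opaque.introspector(introspector)));
            return http.build();
        }
    }
}
```

The three tests together are the minimum worth keeping for any scope-protected endpoint: the positive case, the authenticated-but-unauthorized case (which catches a rule accidentally written as authenticated() instead of hasAuthority(...)), and the anonymous case. As Example 4 shows, when attributes(...) and principal(...) are both used the last call wins, so prefer authorities(...) when the test is about authorization rather than about the principal's attributes.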

Aggregations

Test (org.junit.jupiter.api.Test) 14
OAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) 10
DefaultOAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal) 7
BearerTokenAuthentication (org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) 6
AbstractAuthenticationToken (org.springframework.security.authentication.AbstractAuthenticationToken) 4
GrantedAuthority (org.springframework.security.core.GrantedAuthority) 4
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority) 4
SecurityContext (org.springframework.security.core.context.SecurityContext) 4
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken) 3
Jwt (org.springframework.security.oauth2.jwt.Jwt) 3
List (java.util.List) 2
JSONObject (net.minidev.json.JSONObject) 2
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat) 2
ExtendWith (org.junit.jupiter.api.extension.ExtendWith) 2
MockitoExtension (org.mockito.junit.jupiter.MockitoExtension) 2
ReactiveAdapterRegistry (org.springframework.core.ReactiveAdapterRegistry) 2
HttpHeaders (org.springframework.http.HttpHeaders) 2
MediaType (org.springframework.http.MediaType) 2
OAuth2TokenIntrospectionClaimNames (org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames) 2
TestOAuth2AuthenticatedPrincipals (org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals) 2