Example 6 with BearerTokenAuthentication

Use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

Class SecurityReactorContextConfigurationResourceServerTests, method requestWhenNotUsingFilterThenBearerTokenNotPropagated.

// gh-7418
@Test
public void requestWhenNotUsingFilterThenBearerTokenNotPropagated() throws Exception {
    BearerTokenAuthentication authentication = TestBearerTokenAuthentications.bearer();
    // Register the configuration that does not use the filter.
    this.spring.register(BearerFilterlessConfig.class, WebServerConfig.class, Controller.class).autowire();
    MockHttpServletRequestBuilder authenticatedRequest = get("/token").with(authentication(authentication));
    // Expect an empty body: the bearer token must not be propagated.
    // @formatter:off
    this.mockMvc.perform(authenticatedRequest)
            .andExpect(status().isOk())
            .andExpect(content().string(""));
    // @formatter:on
}
Also used : MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) RestController(org.springframework.web.bind.annotation.RestController) BearerTokenAuthentication(org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) Test(org.junit.jupiter.api.Test)

Example 7 with BearerTokenAuthentication

Use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

Class SecurityReactorContextConfigurationResourceServerTests, method requestWhenUsingFilterThenBearerTokenPropagated.

// gh-7418
@Test
public void requestWhenUsingFilterThenBearerTokenPropagated() throws Exception {
    BearerTokenAuthentication authentication = TestBearerTokenAuthentications.bearer();
    // Register the configuration that uses the filter.
    this.spring.register(BearerFilterConfig.class, WebServerConfig.class, Controller.class).autowire();
    MockHttpServletRequestBuilder authenticatedRequest = get("/token").with(authentication(authentication));
    // Expect the propagated value in the body: "Bearer token".
    // @formatter:off
    this.mockMvc.perform(authenticatedRequest)
            .andExpect(status().isOk())
            .andExpect(content().string("Bearer token"));
    // @formatter:on
}
Also used : MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) RestController(org.springframework.web.bind.annotation.RestController) BearerTokenAuthentication(org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) Test(org.junit.jupiter.api.Test)

Example 8 with BearerTokenAuthentication

Use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

Class SecurityMockServerConfigurerOpaqueTokenTests, method mockOpaqueTokenWhenAttributesThenBearerTokenAuthentication.

@Test
public void mockOpaqueTokenWhenAttributesThenBearerTokenAuthentication() {
    // new String(...) yields a distinct instance, so isSameAs below checks reference identity.
    String sub = new String("my-subject");
    // Mutate the test client with a mock opaque token whose "sub" attribute is set.
    this.client
            .mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()
                    .attributes((attributes) -> attributes.put(OAuth2TokenIntrospectionClaimNames.SUB, sub)))
            .get()
            .exchange()
            .expectStatus().isOk();
    SecurityContext context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
    BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
    // The attribute supplied to the mock must reach the authentication unchanged.
    assertThat(token.getTokenAttributes().get(OAuth2TokenIntrospectionClaimNames.SUB)).isSameAs(sub);
}
Also used : MockitoExtension(org.mockito.junit.jupiter.MockitoExtension) BearerTokenAuthentication(org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) HttpHeaders(org.springframework.http.HttpHeaders) CurrentSecurityContextArgumentResolver(org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver) MediaType(org.springframework.http.MediaType) OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) TestOAuth2AuthenticatedPrincipals(org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OAuth2TokenIntrospectionClaimNames(org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames) Test(org.junit.jupiter.api.Test) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) List(java.util.List) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SecurityContext(org.springframework.security.core.context.SecurityContext) SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) ReactiveAdapterRegistry(org.springframework.core.ReactiveAdapterRegistry)

Example 9 with BearerTokenAuthentication

Use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

Class SecurityMockServerConfigurerOpaqueTokenTests, method mockOpaqueTokenWhenPrincipalThenBearerTokenAuthentication.

@Test
public void mockOpaqueTokenWhenPrincipalThenBearerTokenAuthentication() {
    OAuth2AuthenticatedPrincipal principal = TestOAuth2AuthenticatedPrincipals.active();
    // Mutate the test client with a mock opaque token backed by the given principal.
    this.client
            .mutateWith(SecurityMockServerConfigurers.mockOpaqueToken().principal(principal))
            .get()
            .exchange()
            .expectStatus().isOk();
    SecurityContext context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
    BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
    // The authentication must carry the very same principal instance.
    assertThat(token.getPrincipal()).isSameAs(principal);
}
Also used : OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) SecurityContext(org.springframework.security.core.context.SecurityContext) BearerTokenAuthentication(org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication) Test(org.junit.jupiter.api.Test)

Example 10 with BearerTokenAuthentication

Use of org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication in project spring-security by spring-projects.

Class JwtBearerTokenAuthenticationConverter, method convert.

@Override
public AbstractAuthenticationToken convert(Jwt jwt) {
    // Wrap the JWT's value and validity window as a bearer access token.
    OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
            jwt.getTokenValue(), jwt.getIssuedAt(), jwt.getExpiresAt());
    // The JWT claims become the principal's attributes.
    Map<String, Object> attributes = jwt.getClaims();
    // Authorities are taken from the delegate JWT converter's result.
    AbstractAuthenticationToken token = this.jwtAuthenticationConverter.convert(jwt);
    Collection<GrantedAuthority> authorities = token.getAuthorities();
    OAuth2AuthenticatedPrincipal principal = new DefaultOAuth2AuthenticatedPrincipal(attributes, authorities);
    return new BearerTokenAuthentication(principal, accessToken, authorities);
}
Also used : AbstractAuthenticationToken(org.springframework.security.authentication.AbstractAuthenticationToken) OAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal) DefaultOAuth2AuthenticatedPrincipal(org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal) OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) GrantedAuthority(org.springframework.security.core.GrantedAuthority)

Aggregations

Test (org.junit.jupiter.api.Test): 14
OAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal): 10
DefaultOAuth2AuthenticatedPrincipal (org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal): 7
BearerTokenAuthentication (org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication): 6
AbstractAuthenticationToken (org.springframework.security.authentication.AbstractAuthenticationToken): 4
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 4
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 4
SecurityContext (org.springframework.security.core.context.SecurityContext): 4
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken): 3
Jwt (org.springframework.security.oauth2.jwt.Jwt): 3
List (java.util.List): 2
JSONObject (net.minidev.json.JSONObject): 2
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat): 2
ExtendWith (org.junit.jupiter.api.extension.ExtendWith): 2
MockitoExtension (org.mockito.junit.jupiter.MockitoExtension): 2
ReactiveAdapterRegistry (org.springframework.core.ReactiveAdapterRegistry): 2
HttpHeaders (org.springframework.http.HttpHeaders): 2
MediaType (org.springframework.http.MediaType): 2
OAuth2TokenIntrospectionClaimNames (org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames): 2
TestOAuth2AuthenticatedPrincipals (org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals): 2