
Example 6 with JwtAuthenticationConverter

Use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter in project spring-security by spring-projects.

Class OAuth2ResourceServerConfigurerTests, method getJwtAuthenticationConverterWhenDuplicateConverterBeansThenThrowsException.

@Test
public void getJwtAuthenticationConverterWhenDuplicateConverterBeansThenThrowsException() {
    JwtAuthenticationConverter converterBean = new JwtAuthenticationConverter();
    GenericWebApplicationContext context = new GenericWebApplicationContext();
    context.registerBean("converterOne", JwtAuthenticationConverter.class, () -> converterBean);
    context.registerBean("converterTwo", JwtAuthenticationConverter.class, () -> converterBean);
    this.spring.context(context).autowire();
    OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt();
    assertThatExceptionOfType(NoUniqueBeanDefinitionException.class).isThrownBy(jwtConfigurer::getJwtAuthenticationConverter);
}
Also used: JwtAuthenticationConverter (org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter), GenericWebApplicationContext (org.springframework.web.context.support.GenericWebApplicationContext), NoUniqueBeanDefinitionException (org.springframework.beans.factory.NoUniqueBeanDefinitionException), Test (org.junit.jupiter.api.Test)

Example 7 with JwtAuthenticationConverter

Use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter in project midpoint by Evolveum.

Class OidcResourceServerModuleFactory, method createModuleFilter.

@Override
public AuthModule createModuleFilter(AbstractAuthenticationModuleType moduleType, String sequenceSuffix, ServletRequest request, Map<Class<?>, Object> sharedObjects, AuthenticationModulesType authenticationsPolicy, CredentialsPolicyType credentialPolicy, AuthenticationChannel authenticationChannel) throws Exception {
    if (!(moduleType instanceof OidcAuthenticationModuleType)) {
        LOGGER.error("This factory support only OidcAuthenticationModuleType, but modelType is " + moduleType);
        return null;
    }
    if (((OidcAuthenticationModuleType) moduleType).getResourceServer() == null) {
        LOGGER.error("Resource configuration of OidcAuthenticationModuleType is null");
        return null;
    }
    isSupportedChannel(authenticationChannel);
    OidcResourceServerModuleWebSecurityConfiguration.setProtector(getProtector());
    OidcResourceServerModuleWebSecurityConfiguration configuration = OidcResourceServerModuleWebSecurityConfiguration.build((OidcAuthenticationModuleType) moduleType, sequenceSuffix);
    configuration.setSequenceSuffix(sequenceSuffix);
    OidcResourceServerAuthenticationModuleType resourceServer = ((OidcAuthenticationModuleType) moduleType).getResourceServer();
    JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
    if (resourceServer.getNameOfUsernameClaim() != null) {
        jwtAuthenticationConverter.setPrincipalClaimName(resourceServer.getNameOfUsernameClaim());
    }
    configuration.addAuthenticationProvider(getObjectObjectPostProcessor().postProcess(new OidcResourceServerProvider(configuration.getDecoder(), jwtAuthenticationConverter)));
    OidcResourceServerModuleWebSecurityConfigurer<OidcResourceServerModuleWebSecurityConfiguration> module = getObjectObjectPostProcessor().postProcess(new OidcResourceServerModuleWebSecurityConfigurer<>(configuration));
    module.setObjectPostProcessor(getObjectObjectPostProcessor());
    HttpSecurity http = module.getNewHttpSecurity();
    setSharedObjects(http, sharedObjects);
    ModuleAuthenticationImpl moduleAuthentication = createEmptyModuleAuthentication(configuration, resourceServer);
    moduleAuthentication.setFocusType(moduleType.getFocusType());
    SecurityFilterChain filter = http.build();
    return AuthModuleImpl.build(filter, configuration, moduleAuthentication);
}
Also used: SecurityFilterChain (org.springframework.security.web.SecurityFilterChain), OidcResourceServerProvider (com.evolveum.midpoint.authentication.impl.provider.OidcResourceServerProvider), ModuleAuthenticationImpl (com.evolveum.midpoint.authentication.impl.module.authentication.ModuleAuthenticationImpl), HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity), JwtAuthenticationConverter (org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter), OidcResourceServerModuleWebSecurityConfiguration (com.evolveum.midpoint.authentication.impl.module.configuration.OidcResourceServerModuleWebSecurityConfiguration)

Aggregations

Test (org.junit.jupiter.api.Test): 6
JwtAuthenticationConverter (org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter): 5
GenericWebApplicationContext (org.springframework.web.context.support.GenericWebApplicationContext): 4
Jwt (org.springframework.security.oauth2.jwt.Jwt): 2
JwtDecoder (org.springframework.security.oauth2.jwt.JwtDecoder): 2
NimbusJwtDecoder (org.springframework.security.oauth2.jwt.NimbusJwtDecoder): 2
JwtAuthenticationToken (org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken): 2
ModuleAuthenticationImpl (com.evolveum.midpoint.authentication.impl.module.authentication.ModuleAuthenticationImpl): 1
OidcResourceServerModuleWebSecurityConfiguration (com.evolveum.midpoint.authentication.impl.module.configuration.OidcResourceServerModuleWebSecurityConfiguration): 1
OidcResourceServerProvider (com.evolveum.midpoint.authentication.impl.provider.OidcResourceServerProvider): 1
NoUniqueBeanDefinitionException (org.springframework.beans.factory.NoUniqueBeanDefinitionException): 1
Converter (org.springframework.core.convert.converter.Converter): 1
HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity): 1
SecurityFilterChain (org.springframework.security.web.SecurityFilterChain): 1