use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.
the class OAuth2ResourceServerBeanDefinitionParserTests method getWhenAuthenticationManagerResolverThenUses.
@Test
public void getWhenAuthenticationManagerResolverThenUses() throws Exception {
this.spring.configLocations(xml("AuthenticationManagerResolver")).autowire();
AuthenticationManagerResolver<HttpServletRequest> authenticationManagerResolver = this.spring.getContext().getBean(AuthenticationManagerResolver.class);
given(authenticationManagerResolver.resolve(any(HttpServletRequest.class))).willReturn((authentication) -> new JwtAuthenticationToken(TestJwts.jwt().build(), Collections.emptyList()));
// @formatter:off
this.mvc.perform(get("/").header("Authorization", "Bearer token")).andExpect(status().isNotFound());
// @formatter:on
verify(authenticationManagerResolver).resolve(any(HttpServletRequest.class));
}
use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.
the class OAuth2ResourceServerBeanDefinitionParserTests method requestWhenJwtAuthenticationConverterThenUsed.
@Test
public void requestWhenJwtAuthenticationConverterThenUsed() throws Exception {
this.spring.configLocations(xml("MockJwtDecoder"), xml("MockJwtAuthenticationConverter"), xml("JwtAuthenticationConverter")).autowire();
Converter<Jwt, JwtAuthenticationToken> jwtAuthenticationConverter = (Converter<Jwt, JwtAuthenticationToken>) this.spring.getContext().getBean("jwtAuthenticationConverter");
given(jwtAuthenticationConverter.convert(any(Jwt.class))).willReturn(new JwtAuthenticationToken(TestJwts.jwt().build(), Collections.emptyList()));
JwtDecoder jwtDecoder = this.spring.getContext().getBean(JwtDecoder.class);
given(jwtDecoder.decode(anyString())).willReturn(TestJwts.jwt().build());
// @formatter:off
this.mvc.perform(get("/").header("Authorization", "Bearer token")).andExpect(status().isNotFound());
// @formatter:on
verify(jwtAuthenticationConverter).convert(any(Jwt.class));
}
use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.
the class DefaultAuthenticationEventPublisherBearerTokenTests method publishAuthenticationFailureWhenInvalidBearerTokenExceptionThenMaps.
@Test
public void publishAuthenticationFailureWhenInvalidBearerTokenExceptionThenMaps() {
ApplicationEventPublisher appPublisher = mock(ApplicationEventPublisher.class);
Authentication authentication = new JwtAuthenticationToken(TestJwts.jwt().build());
Exception cause = new Exception();
this.publisher = new DefaultAuthenticationEventPublisher(appPublisher);
this.publisher.publishAuthenticationFailure(new InvalidBearerTokenException("invalid"), authentication);
this.publisher.publishAuthenticationFailure(new InvalidBearerTokenException("invalid", cause), authentication);
verify(appPublisher, times(2)).publishEvent(isA(AuthenticationFailureBadCredentialsEvent.class));
}
use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.
the class JwtAuthenticationProviderTests method authenticateWhenConverterReturnsAuthenticationThenProviderPropagatesIt.
@Test
public void authenticateWhenConverterReturnsAuthenticationThenProviderPropagatesIt() {
BearerTokenAuthenticationToken token = this.authentication();
Object details = mock(Object.class);
token.setDetails(details);
Jwt jwt = TestJwts.jwt().build();
JwtAuthenticationToken authentication = new JwtAuthenticationToken(jwt);
given(this.jwtDecoder.decode(token.getToken())).willReturn(jwt);
given(this.jwtAuthenticationConverter.convert(jwt)).willReturn(authentication);
// @formatter:off
assertThat(this.provider.authenticate(token)).isEqualTo(authentication).hasFieldOrPropertyWithValue("details", details);
// @formatter:on
}
use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.
the class JwtAuthenticationProviderTests method authenticateWhenJwtDecodesThenAuthenticationHasAttributesContainedInJwt.
@Test
public void authenticateWhenJwtDecodesThenAuthenticationHasAttributesContainedInJwt() {
BearerTokenAuthenticationToken token = this.authentication();
Jwt jwt = TestJwts.jwt().claim("name", "value").build();
given(this.jwtDecoder.decode("token")).willReturn(jwt);
given(this.jwtAuthenticationConverter.convert(jwt)).willReturn(new JwtAuthenticationToken(jwt));
JwtAuthenticationToken authentication = (JwtAuthenticationToken) this.provider.authenticate(token);
assertThat(authentication.getTokenAttributes()).containsEntry("name", "value");
}
Aggregations