
Example 6 with JwtAuthenticationToken

use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.

the class JwtAuthenticationTokenTests method getNameWhenJwtHasSubjectThenReturnsSubject.

@Test
public void getNameWhenJwtHasSubjectThenReturnsSubject() {
    Jwt jwt = builder().subject("Carl").build();
    JwtAuthenticationToken token = new JwtAuthenticationToken(jwt);
    assertThat(token.getName()).isEqualTo("Carl");
}
Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) Test(org.junit.jupiter.api.Test)

Example 7 with JwtAuthenticationToken

use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.

the class JwtAuthenticationTokenTests method getNameWhenJwtHasNoSubjectThenReturnsNull.

@Test
public void getNameWhenJwtHasNoSubjectThenReturnsNull() {
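    // No "sub" claim is set, so getName() returns null; callers must not assume a non-null principal name.
    Jwt jwt = builder().claim("claim", "value").build();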
    JwtAuthenticationToken token = new JwtAuthenticationToken(jwt);
    assertThat(token.getName()).isNull();
}
Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) Test(org.junit.jupiter.api.Test)

Example 8 with JwtAuthenticationToken

use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.

the class SecurityMockMvcRequestPostProcessorsJwtTests method jwtWhenUsingDefaultsThenProducesDefaultJwtAuthentication.

@Test
public void jwtWhenUsingDefaultsThenProducesDefaultJwtAuthentication() {
    // jwt() places a mock JwtAuthenticationToken straight into the SecurityContext; no token is decoded or signature-checked.
    jwt().postProcessRequest(this.request);
    verify(this.repository).saveContext(this.contextCaptor.capture(), eq(this.request), any(HttpServletResponse.class));
    SecurityContext context = this.contextCaptor.getValue();
    assertThat(context.getAuthentication()).isInstanceOf(JwtAuthenticationToken.class);
    JwtAuthenticationToken token = (JwtAuthenticationToken) context.getAuthentication();
    assertThat(token.getAuthorities()).isNotEmpty();
    assertThat(token.getToken()).isNotNull();
    assertThat(token.getToken().getSubject()).isEqualTo("user");
    // The default mock Jwt carries the header alg=none: a test fixture that never passes through a JwtDecoder.
    assertThat(token.getToken().getHeaders().get("alg")).isEqualTo("none");
}
Also used : JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) SecurityContext(org.springframework.security.core.context.SecurityContext) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 9 with JwtAuthenticationToken

use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.

the class SecurityMockMvcRequestPostProcessorsJwtTests method jwtWhenProvidingPreparedJwtThenUsesItForAuthentication.

@Test
public void jwtWhenProvidingPreparedJwtThenUsesItForAuthentication() {
    Jwt originalToken = TestJwts.jwt().header("header1", "value1").subject("some_user").build();
    jwt().jwt(originalToken).postProcessRequest(this.request);
    verify(this.repository).saveContext(this.contextCaptor.capture(), eq(this.request), any(HttpServletResponse.class));
    SecurityContext context = this.contextCaptor.getValue();
    JwtAuthenticationToken retrievedToken = (JwtAuthenticationToken) context.getAuthentication();
    assertThat(retrievedToken.getToken().getSubject()).isEqualTo("some_user");
    assertThat(retrievedToken.getToken().getTokenValue()).isEqualTo("token");
    assertThat(retrievedToken.getToken().getHeaders().get("header1")).isEqualTo("value1");
}
Also used : JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) Jwt(org.springframework.security.oauth2.jwt.Jwt) SecurityContext(org.springframework.security.core.context.SecurityContext) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 10 with JwtAuthenticationToken

use of org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken in project spring-security by spring-projects.

the class SecurityMockServerConfigurersJwtTests method mockJwtWhenProvidingBuilderConsumerThenProducesJwtAuthentication.

@Test
public void mockJwtWhenProvidingBuilderConsumerThenProducesJwtAuthentication() {
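    // new String(...) creates a distinct instance, so isSameAs below checks that the exact object given to the builder ends up in the token.
    String name = new String("user");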
    this.client.mutateWith(SecurityMockServerConfigurers.mockJwt().jwt((jwt) -> jwt.subject(name))).get().exchange().expectStatus().isOk();
    SecurityContext context = this.securityContextController.removeSecurityContext();
    assertThat(context.getAuthentication()).isInstanceOf(JwtAuthenticationToken.class);
    JwtAuthenticationToken token = (JwtAuthenticationToken) context.getAuthentication();
    assertThat(token.getToken().getSubject()).isSameAs(name);
}
Also used : JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) Arrays(java.util.Arrays) HttpHeaders(org.springframework.http.HttpHeaders) CurrentSecurityContextArgumentResolver(org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver) MediaType(org.springframework.http.MediaType) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) TestJwts(org.springframework.security.oauth2.jwt.TestJwts) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) List(java.util.List) SecurityContext(org.springframework.security.core.context.SecurityContext) Jwt(org.springframework.security.oauth2.jwt.Jwt) SecurityContextServerWebExchangeWebFilter(org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter) ReactiveAdapterRegistry(org.springframework.core.ReactiveAdapterRegistry)

Aggregations

Test (org.junit.jupiter.api.Test): 20
Jwt (org.springframework.security.oauth2.jwt.Jwt): 16
JwtAuthenticationToken (org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken): 11
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 6
SecurityContext (org.springframework.security.core.context.SecurityContext): 6
HttpServletResponse (jakarta.servlet.http.HttpServletResponse): 3
BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken): 3
Arrays (java.util.Arrays): 2
List (java.util.List): 2
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat): 2
Authentication (org.springframework.security.core.Authentication): 2
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 2
JwtDecoder (org.springframework.security.oauth2.jwt.JwtDecoder): 2
NimbusJwtDecoder (org.springframework.security.oauth2.jwt.NimbusJwtDecoder): 2
TestJwts (org.springframework.security.oauth2.jwt.TestJwts): 2
HttpModuleAuthentication (com.evolveum.midpoint.authentication.impl.module.authentication.HttpModuleAuthentication): 1
MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal): 1
HttpServletRequest (jakarta.servlet.http.HttpServletRequest): 1
AfterEach (org.junit.jupiter.api.AfterEach): 1
BeforeEach (org.junit.jupiter.api.BeforeEach): 1