Search in sources :

Example 11 with JwtGrantedAuthoritiesConverter

use of org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter in project spring-security by spring-projects.

the class JwtGrantedAuthoritiesConverterTests method convertWhenTokenHasBothScopeAndScpThenScopeAttributeIsTranslatedToAuthorities.

@Test
public void convertWhenTokenHasBothScopeAndScpThenScopeAttributeIsTranslatedToAuthorities() {
    // @formatter:off
    Jwt jwt = TestJwts.jwt().claim("scp", Arrays.asList("message:read", "message:write")).claim("scope", "missive:read missive:write").build();
    // @formatter:on
    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
    assertThat(authorities).containsExactly(new SimpleGrantedAuthority("SCOPE_missive:read"), new SimpleGrantedAuthority("SCOPE_missive:write"));
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) Jwt(org.springframework.security.oauth2.jwt.Jwt) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test)

Example 12 with JwtGrantedAuthoritiesConverter

use of org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter in project spring-security by spring-projects.

the class JwtGrantedAuthoritiesConverterTests method convertWhenTokenHasScpAttributeThenTranslatedToAuthorities.

@Test
public void convertWhenTokenHasScpAttributeThenTranslatedToAuthorities() {
    // @formatter:off
    Jwt jwt = TestJwts.jwt().claim("scp", Arrays.asList("message:read", "message:write")).build();
    // @formatter:on
    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
    assertThat(authorities).containsExactly(new SimpleGrantedAuthority("SCOPE_message:read"), new SimpleGrantedAuthority("SCOPE_message:write"));
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) Jwt(org.springframework.security.oauth2.jwt.Jwt) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test)

Example 13 with JwtGrantedAuthoritiesConverter

use of org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter in project spring-security by spring-projects.

the class JwtGrantedAuthoritiesConverterTests method convertWhenTokenHasNoScopeAndNoScpAttributeThenTranslatesToNoAuthorities.

@Test
public void convertWhenTokenHasNoScopeAndNoScpAttributeThenTranslatesToNoAuthorities() {
    // @formatter:off
    Jwt jwt = TestJwts.jwt().claim("roles", Arrays.asList("message:read", "message:write")).build();
    // @formatter:on
    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
    assertThat(authorities).isEmpty();
}
Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test)

Example 14 with JwtGrantedAuthoritiesConverter

use of org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter in project spring-security by spring-projects.

the class JwtGrantedAuthoritiesConverterTests method convertWhenTokenHasEmptyScopeAttributeThenTranslatedToNoAuthorities.

@Test
public void convertWhenTokenHasEmptyScopeAttributeThenTranslatedToNoAuthorities() {
    // @formatter:off
    Jwt jwt = TestJwts.jwt().claim("scope", "").build();
    // @formatter:on
    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
    assertThat(authorities).isEmpty();
}
Also used : Jwt(org.springframework.security.oauth2.jwt.Jwt) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test)

Example 15 with JwtGrantedAuthoritiesConverter

use of org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter in project spring-security by spring-projects.

the class JwtGrantedAuthoritiesConverterTests method convertWithBlankAsCustomAuthorityPrefixWhenTokenHasScpAttributeThenTranslatedToAuthorities.

@Test
public void convertWithBlankAsCustomAuthorityPrefixWhenTokenHasScpAttributeThenTranslatedToAuthorities() {
    // @formatter:off
    Jwt jwt = TestJwts.jwt().claim("scp", "message:read message:write").build();
    // @formatter:on
    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    jwtGrantedAuthoritiesConverter.setAuthorityPrefix("");
    Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
    assertThat(authorities).containsExactly(new SimpleGrantedAuthority("message:read"), new SimpleGrantedAuthority("message:write"));
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) Jwt(org.springframework.security.oauth2.jwt.Jwt) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)16 GrantedAuthority (org.springframework.security.core.GrantedAuthority)16 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)16 Jwt (org.springframework.security.oauth2.jwt.Jwt)16