
Example 1 with BearerTokenAuthenticationFilter

Use of org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter in project spring-security by spring-projects.

The class OAuth2ResourceServerConfigurer, method configure.

@Override
public void configure(H http) {
    // Use the same token resolver for request matching and for the filter itself.
    BearerTokenResolver bearerTokenResolver = getBearerTokenResolver();
    this.requestMatcher.setBearerTokenResolver(bearerTokenResolver);
    AuthenticationManagerResolver<HttpServletRequest> resolver = this.authenticationManagerResolver;
    if (resolver == null) {
        // No per-request resolver configured: every request uses one AuthenticationManager.
        AuthenticationManager authenticationManager = getAuthenticationManager(http);
        resolver = (request) -> authenticationManager;
    }
    BearerTokenAuthenticationFilter filter = new BearerTokenAuthenticationFilter(resolver);
    filter.setBearerTokenResolver(bearerTokenResolver);
    // The entry point produces the response when bearer token authentication fails.
    filter.setAuthenticationEntryPoint(this.authenticationEntryPoint);
    filter = postProcess(filter);
    http.addFilter(filter);
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) AuthenticationManagerResolver(org.springframework.security.authentication.AuthenticationManagerResolver) BearerTokenAuthenticationFilter(org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter) DefaultBearerTokenResolver(org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver) BearerTokenResolver(org.springframework.security.oauth2.server.resource.web.BearerTokenResolver)

Example 2 with BearerTokenAuthenticationFilter

Use of org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter in project spring-security by spring-projects.

The class BearerTokenAuthenticationFilterTests, method doFilterWhenAuthenticationFailsWithDefaultHandlerThenPropagatesError.

@Test
public void doFilterWhenAuthenticationFailsWithDefaultHandlerThenPropagatesError() throws ServletException, IOException {
    // Arrange: a token is resolved from the request, but authentication rejects it as invalid_token.
    BearerTokenError error = new BearerTokenError(BearerTokenErrorCodes.INVALID_TOKEN, HttpStatus.UNAUTHORIZED, "description", "uri");
    OAuth2AuthenticationException exception = new OAuth2AuthenticationException(error);
    given(this.bearerTokenResolver.resolve(this.request)).willReturn("token");
    given(this.authenticationManager.authenticate(any(BearerTokenAuthenticationToken.class))).willThrow(exception);
    BearerTokenAuthenticationFilter filter = addMocks(new BearerTokenAuthenticationFilter(this.authenticationManager));
    filter.doFilter(this.request, this.response, this.filterChain);
    // Assert: with the default failure handling, the same exception reaches the AuthenticationEntryPoint.
    verify(this.authenticationEntryPoint).commence(this.request, this.response, exception);
}
Also used : BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 3 with BearerTokenAuthenticationFilter

Use of org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter in project spring-security by spring-projects.

The class BearerTokenAuthenticationFilterTests, method doFilterWhenAuthenticationFailsWithCustomHandlerThenPropagatesError.

@Test
public void doFilterWhenAuthenticationFailsWithCustomHandlerThenPropagatesError() throws ServletException, IOException {
    // Arrange: a token is resolved from the request, but authentication rejects it as invalid_token.
    BearerTokenError error = new BearerTokenError(BearerTokenErrorCodes.INVALID_TOKEN, HttpStatus.UNAUTHORIZED, "description", "uri");
    OAuth2AuthenticationException exception = new OAuth2AuthenticationException(error);
    given(this.bearerTokenResolver.resolve(this.request)).willReturn("token");
    given(this.authenticationManager.authenticate(any(BearerTokenAuthenticationToken.class))).willThrow(exception);
    BearerTokenAuthenticationFilter filter = addMocks(new BearerTokenAuthenticationFilter(this.authenticationManager));
    // Install a custom failure handler on the filter.
    filter.setAuthenticationFailureHandler(this.authenticationFailureHandler);
    filter.doFilter(this.request, this.response, this.filterChain);
    // Assert: the custom handler receives the same exception.
    verify(this.authenticationFailureHandler).onAuthenticationFailure(this.request, this.response, exception);
}
Also used : BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) BearerTokenAuthenticationToken(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken) Test(org.junit.jupiter.api.Test)
