Search in sources :

Example 21 with SimpleMethodInvocation

use of org.springframework.security.util.SimpleMethodInvocation in project spring-security by spring-projects.

the class ContextPropagatingRemoteInvocationTests method getRemoteInvocation.

private ContextPropagatingRemoteInvocation getRemoteInvocation() throws Exception {
    Class<TargetObject> clazz = TargetObject.class;
    Method method = clazz.getMethod("makeLowerCase", new Class[] { String.class });
    MethodInvocation mi = new SimpleMethodInvocation(new TargetObject(), method, "SOME_STRING");
    ContextPropagatingRemoteInvocationFactory factory = new ContextPropagatingRemoteInvocationFactory();
    return (ContextPropagatingRemoteInvocation) factory.createRemoteInvocation(mi);
}
Also used : SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) MethodInvocation(org.aopalliance.intercept.MethodInvocation) Method(java.lang.reflect.Method) TargetObject(org.springframework.security.TargetObject)

Example 22 with SimpleMethodInvocation

use of org.springframework.security.util.SimpleMethodInvocation in project spring-security-oauth by spring-projects.

the class OAuth2MethodSecurityExpressionHandlerTests method testScopesInsufficient.

@Test(expected = AccessDeniedException.class)
public void testScopesInsufficient() throws Exception {
    AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
    request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "", "client_credentials", "ROLE_CLIENT"));
    OAuth2Request clientAuthentication = request.createOAuth2Request();
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("user", "pass", AuthorityUtils.createAuthorityList("ROLE_USER"));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testOauthClient"));
    EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
    Expression expression = handler.getExpressionParser().parseExpression("#oauth2.hasAnyScope('write')");
    expression.getValue(context);
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) Expression(org.springframework.expression.Expression) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) MethodInvocation(org.aopalliance.intercept.MethodInvocation) EvaluationContext(org.springframework.expression.EvaluationContext) Test(org.junit.Test)

Example 23 with SimpleMethodInvocation

use of org.springframework.security.util.SimpleMethodInvocation in project spring-security-oauth by spring-projects.

the class OAuth2MethodSecurityExpressionHandlerTests method testStandardSecurityRoot.

@Test
public void testStandardSecurityRoot() throws Exception {
    Authentication clientAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar", null);
    assertTrue(clientAuthentication.isAuthenticated());
    MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testStandardSecurityRoot"));
    EvaluationContext context = handler.createEvaluationContext(clientAuthentication, invocation);
    Expression expression = handler.getExpressionParser().parseExpression("isAuthenticated()");
    assertTrue((Boolean) expression.getValue(context));
}
Also used : SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) Expression(org.springframework.expression.Expression) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) MethodInvocation(org.aopalliance.intercept.MethodInvocation) EvaluationContext(org.springframework.expression.EvaluationContext) Test(org.junit.Test)

Example 24 with SimpleMethodInvocation

use of org.springframework.security.util.SimpleMethodInvocation in project spring-security-oauth by spring-projects.

the class OAuth2MethodSecurityExpressionHandlerTests method testReEvaluationWithDifferentRoot.

@Test
public void testReEvaluationWithDifferentRoot() throws Exception {
    Expression expression = handler.getExpressionParser().parseExpression("#oauth2.isClient()");
    MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testNonOauthClient"));
    Authentication clientAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar");
    EvaluationContext context = handler.createEvaluationContext(clientAuthentication, invocation);
    assertFalse((Boolean) expression.getValue(context));
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(storedOAuth2Request, null);
    EvaluationContext anotherContext = handler.createEvaluationContext(oAuth2Authentication, invocation);
    assertTrue((Boolean) expression.getValue(anotherContext));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) Expression(org.springframework.expression.Expression) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) MethodInvocation(org.aopalliance.intercept.MethodInvocation) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) EvaluationContext(org.springframework.expression.EvaluationContext) Test(org.junit.Test)

Aggregations

SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)24 MethodInvocation (org.aopalliance.intercept.MethodInvocation)23 Test (org.junit.Test)23 EvaluationContext (org.springframework.expression.EvaluationContext)9 Expression (org.springframework.expression.Expression)9 PreInvocationExpressionAttribute (org.springframework.security.access.expression.method.PreInvocationExpressionAttribute)9 Authentication (org.springframework.security.core.Authentication)9 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)9 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)7 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)5 ConfigAttribute (org.springframework.security.access.ConfigAttribute)4 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)3 BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)3 Method (java.lang.reflect.Method)2 ArrayList (java.util.ArrayList)2 List (java.util.List)2 Collection (java.util.Collection)1 Vector (java.util.Vector)1 TargetObject (org.springframework.security.TargetObject)1 AccessDecisionManager (org.springframework.security.access.AccessDecisionManager)1