/**
 * Verifies that a token built from valid arguments returns them unchanged,
 * carries empty credentials and reports itself as authenticated.
 */
@Test
public void constructorWhenAllParametersProvidedAndValidThenCreated() {
    OAuth2AuthenticationToken token = new OAuth2AuthenticationToken(
            this.principal,
            this.authorities,
            this.authorizedClientRegistrationId);

    // Values supplied by the caller come back as-is.
    assertThat(token.getPrincipal()).isEqualTo(this.principal);
    assertThat(token.getAuthorities()).isEqualTo(this.authorities);
    assertThat(token.getAuthorizedClientRegistrationId()).isEqualTo(this.authorizedClientRegistrationId);

    // No credentials are held, and the token is authenticated straight after construction.
    assertThat(token.getCredentials()).isEqualTo("");
    assertThat(token.isAuthenticated()).isEqualTo(true);
}
}
/**
 * Creates an {@code OAuth2AuthenticationToken} from the provided parameters.
 *
 * <p>The token is marked as authenticated as soon as it is constructed, so it should
 * only be created once the OAuth 2.0 login has actually succeeded.
 *
 * @param principal the user {@code Principal} registered with the OAuth 2.0 Provider;
 * must not be {@code null}
 * @param authorities the authorities granted to the user
 * @param authorizedClientRegistrationId the registration identifier of the
 * {@link OAuth2AuthorizedClient Authorized Client}; must contain text
 */
public OAuth2AuthenticationToken(
        OAuth2User principal,
        Collection<? extends GrantedAuthority> authorities,
        String authorizedClientRegistrationId) {
    super(authorities);

    // Both checks run before any field is assigned, so a rejected call stores nothing.
    Assert.notNull(principal, "principal cannot be null");
    Assert.hasText(authorizedClientRegistrationId, "authorizedClientRegistrationId cannot be empty");

    this.authorizedClientRegistrationId = authorizedClientRegistrationId;
    this.principal = principal;
    setAuthenticated(true);
}
/**
 * With the default-authorized-client option enabled and no explicit registration id,
 * the filter function must look the client up under the registration id carried by
 * the {@code OAuth2AuthenticationToken}.
 */
@Test
public void defaultRequestOAuth2AuthorizedClientWhenDefaultTrueAndAuthenticationAndClientRegistrationIdNullThenOAuth2AuthorizedClient() {
    this.function = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
            this.clientRegistrationRepository, this.authorizedClientRepository);
    this.function.setDefaultOAuth2AuthorizedClient(true);

    // An authenticated OAuth 2.0 user whose token names the registration "id".
    OAuth2User principal = mock(OAuth2User.class);
    List<GrantedAuthority> grantedAuthorities = AuthorityUtils.createAuthorityList("ROLE_USER");
    OAuth2AuthenticationToken authenticationToken =
            new OAuth2AuthenticationToken(principal, grantedAuthorities, "id");

    // The repository answers every lookup with the same stored client.
    OAuth2AuthorizedClient storedClient =
            new OAuth2AuthorizedClient(this.registration, "principalName", this.accessToken);
    when(this.authorizedClientRepository.loadAuthorizedClient(any(), any(), any()))
            .thenReturn(storedClient);

    authentication(authenticationToken).accept(this.result);
    Map<String, Object> requestAttributes = getDefaultRequestAttributes();

    assertThat(getOAuth2AuthorizedClient(requestAttributes)).isEqualTo(storedClient);
    // The lookup key must be the token's own registration id.
    verify(this.authorizedClientRepository).loadAuthorizedClient(
            eq(authenticationToken.getAuthorizedClientRegistrationId()), any(), any());
}
/**
 * Determines which client registration id applies to the annotated parameter.
 *
 * <p>Order of precedence: the annotation's {@code registrationId}, then its {@code value},
 * then the registration id carried by the current {@link OAuth2AuthenticationToken}.
 *
 * @param parameter the method parameter annotated with {@link RegisteredOAuth2AuthorizedClient}
 * @return the resolved registration id, or {@code null} when none of the sources supplies one
 */
private String resolveClientRegistrationId(MethodParameter parameter) {
    RegisteredOAuth2AuthorizedClient annotation = AnnotatedElementUtils.findMergedAnnotation(
            parameter.getParameter(), RegisteredOAuth2AuthorizedClient.class);
    // Looked up unconditionally, but only consulted when the annotation names no registration.
    Authentication current = SecurityContextHolder.getContext().getAuthentication();

    if (!StringUtils.isEmpty(annotation.registrationId())) {
        return annotation.registrationId();
    }
    if (!StringUtils.isEmpty(annotation.value())) {
        return annotation.value();
    }
    // Fall back to the registration the user logged in with.
    if (current instanceof OAuth2AuthenticationToken) {
        return ((OAuth2AuthenticationToken) current).getAuthorizedClientRegistrationId();
    }
    return null;
}
/**
 * Renders the landing page with the signed-in user's name and the display name of the
 * client registration they logged in through.
 *
 * @param model the view model to populate
 * @param authentication the current OAuth 2.0 authentication
 * @return the {@code index} view name
 */
@GetMapping("/")
public String index(Model model, OAuth2AuthenticationToken authentication) {
    String registrationId = authentication.getAuthorizedClientRegistrationId();
    String userName = authentication.getName();

    // NOTE(review): the loaded client is dereferenced below without a null check;
    // confirm the service always has an entry for a logged-in user.
    final OAuth2AuthorizedClient authorizedClient =
            this.authorizedClientService.loadAuthorizedClient(registrationId, userName);

    model.addAttribute("userName", userName);
    model.addAttribute("clientName", authorizedClient.getClientRegistration().getClientName());
    return "index";
}
}
/** Confirms that the constructor accepts {@code null} authorities. */
@Test
public void constructorWhenAuthoritiesIsNullThenCreated() {
    // Passes as long as construction does not throw.
    new OAuth2AuthenticationToken(
            this.principal,
            null,
            this.authorizedClientRegistrationId);
}
(OAuth2LoginAuthenticationToken) this.getAuthenticationManager().authenticate(authenticationRequest); OAuth2AuthenticationToken oauth2Authentication = new OAuth2AuthenticationToken( authenticationResult.getPrincipal(), authenticationResult.getAuthorities(), oauth2Authentication.getName(), authenticationResult.getAccessToken(), authenticationResult.getRefreshToken());
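/**
 * Redirects the signed-in user to the account page hosted by their OpenID Connect issuer.
 *
 * <p>The target is built from the issuer and the authorized party ({@code azp}) of the
 * user's ID token. A request without an OIDC-authenticated user is sent back to the
 * application root instead.
 *
 * @param authToken the current OAuth 2.0 authentication, or {@code null} if none was resolved
 * @return a {@code redirect:} view name
 */
@GetMapping("/account")
public String redirectToAccountPage(@AuthenticationPrincipal OAuth2AuthenticationToken authToken) {
    // NOTE(review): @AuthenticationPrincipal normally binds Authentication#getPrincipal(), not the
    // Authentication itself - confirm this parameter is ever non-null in this application.
    if (authToken == null || !(authToken.getPrincipal() instanceof OidcUser)) {
        // A principal that is not an OidcUser exposes no ID token here, so there is no issuer to redirect to.
        return "redirect:/";
    }
    OidcUser user = (OidcUser) authToken.getPrincipal();
    String accountPage = "redirect:" + user.getIssuer() + "/account";

    String authorizedParty = user.getIdToken().getAuthorizedParty();
    if (authorizedParty == null) {
        // Without an azp claim, drop the back-link rather than sending "referrer=null".
        return accountPage;
    }
    // Provides a back-link to the application
    // NOTE(review): the azp value is appended without URL-encoding; encode it if client ids
    // in this deployment can contain characters that are reserved in a query string.
    return accountPage + "?referrer=" + authorizedParty;
}
}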
/**
 * Stores an {@link OAuth2AuthorizedClient} in the request attributes when none is present yet.
 *
 * <p>The registration id is taken, in order, from the request attributes, from the configured
 * default registration id, and - only when the default-authorized-client option is enabled -
 * from the current {@link OAuth2AuthenticationToken}. Nothing happens when no repository is
 * configured, when the attribute is already set, or when no registration id can be found.
 *
 * @param attrs the request attributes to read from and write to
 */
private void populateDefaultOAuth2AuthorizedClient(Map<String, Object> attrs) {
    if (this.authorizedClientRepository == null || attrs.containsKey(OAUTH2_AUTHORIZED_CLIENT_ATTR_NAME)) {
        return;
    }

    Authentication authentication = getAuthentication(attrs);
    String registrationId = getClientRegistrationId(attrs);
    if (registrationId == null) {
        registrationId = this.defaultClientRegistrationId;
    }
    // Last resort: reuse the registration the user logged in with, if that is enabled.
    if (registrationId == null
            && this.defaultOAuth2AuthorizedClient
            && authentication instanceof OAuth2AuthenticationToken) {
        registrationId = ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId();
    }
    if (registrationId == null) {
        return;
    }

    HttpServletRequest request = getRequest(attrs);
    OAuth2AuthorizedClient client =
            this.authorizedClientRepository.loadAuthorizedClient(registrationId, authentication, request);
    if (client == null) {
        // Nothing stored for this principal; fall back to the helper lookup.
        client = getAuthorizedClient(registrationId, attrs);
    }
    oauth2AuthorizedClient(client).accept(attrs);
}
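/**
 * Shows the post-login page and, when the provider exposes a UserInfo endpoint,
 * adds the user's {@code name} attribute to the model.
 *
 * <p>The UserInfo request carries the user's access token as a bearer token, so the
 * endpoint URI must come from trusted client-registration configuration only.
 *
 * @param model the view model to populate
 * @param authentication the current OAuth 2.0 authentication
 * @return the {@code loginSuccess} view name
 */
@GetMapping("/loginSuccess")
public String getLoginInfo(Model model, OAuth2AuthenticationToken authentication) {
    OAuth2AuthorizedClient client = authorizedClientService.loadAuthorizedClient(
            authentication.getAuthorizedClientRegistrationId(), authentication.getName());
    if (client == null) {
        // No authorized client is stored for this user; render the page without the name
        // instead of failing with a NullPointerException.
        return "loginSuccess";
    }

    String userInfoEndpointUri = client.getClientRegistration()
            .getProviderDetails()
            .getUserInfoEndpoint()
            .getUri();

    if (!StringUtils.isEmpty(userInfoEndpointUri)) {
        HttpHeaders headers = new HttpHeaders();
        // The token value is a credential: it goes into the header only and is never logged.
        headers.add(HttpHeaders.AUTHORIZATION, "Bearer " + client.getAccessToken().getTokenValue());
        HttpEntity<String> entity = new HttpEntity<String>("", headers);

        // NOTE(review): a RestTemplate is created per request with default settings;
        // confirm whether explicit timeouts are wanted for this outbound call.
        RestTemplate restTemplate = new RestTemplate();
        ResponseEntity<Map> response =
                restTemplate.exchange(userInfoEndpointUri, HttpMethod.GET, entity, Map.class);

        // The response body may be absent; only read the attribute when there is one.
        Map<?, ?> userAttributes = response.getBody();
        if (userAttributes != null) {
            model.addAttribute("name", userAttributes.get("name"));
        }
    }
    return "loginSuccess";
}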
/** Confirms that the constructor accepts an empty authorities collection. */
@Test
public void constructorWhenAuthoritiesIsEmptyThenCreated() {
    // Passes as long as construction does not throw.
    new OAuth2AuthenticationToken(
            this.principal,
            Collections.emptyList(),
            this.authorizedClientRegistrationId);
}
(OAuth2LoginAuthenticationToken) this.getAuthenticationManager().authenticate(authenticationRequest); OAuth2AuthenticationToken oauth2Authentication = new OAuth2AuthenticationToken( authenticationResult.getPrincipal(), authenticationResult.getAuthorities(), oauth2Authentication.getName(), authenticationResult.getAccessToken(), authenticationResult.getRefreshToken());
/**
 * When the annotation names no registration id, the resolver is expected to use the
 * one carried by the current {@code OAuth2AuthenticationToken} ("client1" here).
 */
@Test
public void resolveArgumentWhenRegistrationIdEmptyAndOAuth2AuthenticationThenResolves() {
    // Any registration id resolves to a test client registration.
    when(this.clientRegistrationRepository.findByRegistrationId(any()))
            .thenReturn(Mono.just(TestClientRegistrations.clientRegistration().build()));

    // The current authentication is an OAuth 2.0 login for registration "client1".
    OAuth2AuthenticationToken oauth2Token = mock(OAuth2AuthenticationToken.class);
    this.authentication = oauth2Token;
    when(oauth2Token.getAuthorizedClientRegistrationId()).thenReturn("client1");

    MethodParameter annotatedParameter =
            this.getMethodParameter("registrationIdEmpty", OAuth2AuthorizedClient.class);
    resolveArgument(annotatedParameter);
}
/** Confirms that a {@code null} principal is rejected with an {@code IllegalArgumentException}. */
@Test(expected = IllegalArgumentException.class)
public void constructorWhenPrincipalIsNullThenThrowIllegalArgumentException() {
    // An authenticated token without a principal must never be constructible.
    new OAuth2AuthenticationToken(
            null,
            this.authorities,
            this.authorizedClientRegistrationId);
}
/**
 * Creates an {@code OAuth2AuthenticationToken} from the provided parameters.
 *
 * <p>The token is marked as authenticated as soon as it is constructed, so it should
 * only be created once the OAuth 2.0 login has actually succeeded.
 *
 * @param principal the user {@code Principal} registered with the OAuth 2.0 Provider;
 * must not be {@code null}
 * @param authorities the authorities granted to the user
 * @param authorizedClientRegistrationId the registration identifier of the
 * {@link OAuth2AuthorizedClient Authorized Client}; must contain text
 */
public OAuth2AuthenticationToken(
        OAuth2User principal,
        Collection<? extends GrantedAuthority> authorities,
        String authorizedClientRegistrationId) {
    super(authorities);

    // Both checks run before any field is assigned, so a rejected call stores nothing.
    Assert.notNull(principal, "principal cannot be null");
    Assert.hasText(authorizedClientRegistrationId, "authorizedClientRegistrationId cannot be empty");

    this.authorizedClientRegistrationId = authorizedClientRegistrationId;
    this.principal = principal;
    setAuthenticated(true);
}
/**
 * When the annotation names no registration id, the resolver must return the authorized
 * client stored for the registration carried by the current {@code OAuth2AuthenticationToken}.
 */
@Test
public void resolveArgumentWhenRegistrationIdEmptyAndOAuth2AuthenticationThenResolves() throws Exception {
    // The current authentication is an OAuth 2.0 login for registration "client1".
    OAuth2AuthenticationToken oauth2Token = mock(OAuth2AuthenticationToken.class);
    when(oauth2Token.getAuthorizedClientRegistrationId()).thenReturn("client1");

    // Install it as the authentication of a fresh security context.
    SecurityContext context = SecurityContextHolder.createEmptyContext();
    context.setAuthentication(oauth2Token);
    SecurityContextHolder.setContext(context);

    MethodParameter annotatedParameter =
            this.getMethodParameter("registrationIdEmpty", OAuth2AuthorizedClient.class);
    Object resolved = this.argumentResolver.resolveArgument(
            annotatedParameter, null, new ServletWebRequest(this.request), null);

    assertThat(resolved).isSameAs(this.authorizedClient1);
}
/** Confirms that a {@code null} registration id is rejected with an {@code IllegalArgumentException}. */
@Test(expected = IllegalArgumentException.class)
public void constructorWhenAuthorizedClientRegistrationIdIsNullThenThrowIllegalArgumentException() {
    // Every token must name the client registration it was issued through.
    new OAuth2AuthenticationToken(
            this.principal,
            this.authorities,
            null);
}
/**
 * Loads the authorized client for the registration id carried by the given token.
 *
 * @param exchange the current server web exchange
 * @param oauth2Authentication the OAuth 2.0 authentication whose registration id and
 * identity are used for the lookup
 * @return the repository's lookup result for that registration and authentication
 */
private Mono<OAuth2AuthorizedClient> authorizedClient(
        ServerWebExchange exchange, OAuth2AuthenticationToken oauth2Authentication) {
    // The lookup is keyed on the registration the user logged in through.
    String registrationId = oauth2Authentication.getAuthorizedClientRegistrationId();
    return this.authorizedClientRepository.loadAuthorizedClient(
            registrationId, oauth2Authentication, exchange);
}
/**
 * An explicitly supplied client registration id must be used for the lookup even when
 * the current {@code OAuth2AuthenticationToken} carries a different one.
 */
@Test
public void defaultRequestOAuth2AuthorizedClientWhenAuthenticationAndClientRegistrationIdThenIdIsExplicit() {
    this.function = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
            this.clientRegistrationRepository, this.authorizedClientRepository);

    // An authenticated OAuth 2.0 user whose token names the registration "id".
    OAuth2User principal = mock(OAuth2User.class);
    List<GrantedAuthority> grantedAuthorities = AuthorityUtils.createAuthorityList("ROLE_USER");
    OAuth2AuthenticationToken authenticationToken =
            new OAuth2AuthenticationToken(principal, grantedAuthorities, "id");

    // The repository answers every lookup with the same stored client.
    OAuth2AuthorizedClient storedClient =
            new OAuth2AuthorizedClient(this.registration, "principalName", this.accessToken);
    when(this.authorizedClientRepository.loadAuthorizedClient(any(), any(), any()))
            .thenReturn(storedClient);

    authentication(authenticationToken).accept(this.result);
    clientRegistrationId("explicit").accept(this.result);
    Map<String, Object> requestAttributes = getDefaultRequestAttributes();

    assertThat(getOAuth2AuthorizedClient(requestAttributes)).isEqualTo(storedClient);
    // The explicit id wins over the registration id on the token.
    verify(this.authorizedClientRepository).loadAuthorizedClient(eq("explicit"), any(), any());
}
/**
 * Loads the authorized client for the registration id carried by the given token.
 *
 * @param exchange the current server web exchange
 * @param oauth2Authentication the OAuth 2.0 authentication whose registration id and
 * identity are used for the lookup
 * @return the repository's lookup result for that registration and authentication
 */
private Mono<OAuth2AuthorizedClient> authorizedClient(
        ServerWebExchange exchange, OAuth2AuthenticationToken oauth2Authentication) {
    // The lookup is keyed on the registration the user logged in through.
    String registrationId = oauth2Authentication.getAuthorizedClientRegistrationId();
    return this.authorizedClientRepository.loadAuthorizedClient(
            registrationId, oauth2Authentication, exchange);
}