/**
 * Verifies that the (client registration, authorization exchange, access token)
 * constructor rejects a {@code null} authorization exchange with an
 * {@link IllegalArgumentException}.
 */
@Test
public void constructorTokenRequestResponseWhenAuthorizationExchangeIsNullThenThrowIllegalArgumentException() {
    // Only the exchange is null; the registration and access token come from the test's fields.
    assertThatThrownBy(() -> {
        new OAuth2AuthorizationCodeAuthenticationToken(this.clientRegistration, null, this.accessToken);
    }).isInstanceOf(IllegalArgumentException.class);
}
/**
 * Verifies that the (client registration, authorization exchange) constructor
 * rejects a {@code null} client registration with an
 * {@link IllegalArgumentException}.
 */
@Test
public void constructorAuthorizationRequestResponseWhenClientRegistrationIsNullThenThrowIllegalArgumentException() {
    // A token with no client registration has no client to attribute the authorization code to.
    assertThatThrownBy(() -> {
        new OAuth2AuthorizationCodeAuthenticationToken(null, this.authorizationExchange);
    }).isInstanceOf(IllegalArgumentException.class);
}
/**
 * Verifies that the (client registration, authorization exchange) constructor
 * rejects a {@code null} authorization exchange with an
 * {@link IllegalArgumentException}.
 */
@Test
public void constructorAuthorizationRequestResponseWhenAuthorizationExchangeIsNullThenThrowIllegalArgumentException() {
    // Without the exchange there is no request/response pair to validate later on.
    assertThatThrownBy(() -> {
        new OAuth2AuthorizationCodeAuthenticationToken(this.clientRegistration, null);
    }).isInstanceOf(IllegalArgumentException.class);
}
/**
 * Verifies that the (client registration, authorization exchange, access token)
 * constructor rejects a {@code null} client registration with an
 * {@link IllegalArgumentException}.
 */
@Test
public void constructorTokenRequestResponseWhenClientRegistrationIsNullThenThrowIllegalArgumentException() {
    // Only the registration is null; the exchange and access token come from the test's fields.
    assertThatThrownBy(() -> {
        new OAuth2AuthorizationCodeAuthenticationToken(null, this.authorizationExchange, this.accessToken);
    }).isInstanceOf(IllegalArgumentException.class);
}
/**
 * Verifies that the (client registration, authorization exchange, access token)
 * constructor rejects a {@code null} access token with an
 * {@link IllegalArgumentException}.
 */
@Test
public void constructorTokenRequestResponseWhenAccessTokenIsNullThenThrowIllegalArgumentException() {
    // The sibling success-path test for this constructor expects isAuthenticated() == true,
    // so a null access token must never get through it.
    assertThatThrownBy(() -> {
        new OAuth2AuthorizationCodeAuthenticationToken(this.clientRegistration, this.authorizationExchange, null);
    }).isInstanceOf(IllegalArgumentException.class);
}
/**
 * Builds the authorization-code authentication token for the given exchange.
 *
 * <p>The client registration is looked up by the registration id stored in the
 * authorization request's additional parameters. A missing id, or a repository
 * lookup that completes empty, ends in the error produced by
 * {@code oauth2AuthorizationException(CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE)}.
 *
 * @param exchange the current exchange, passed to {@code convertResponse} to obtain
 *     the authorization response
 * @param authorizationRequest the authorization request to pair with that response
 * @return a {@link Mono} emitting the token built from the registration and the
 *     request/response exchange
 */
private Mono<OAuth2AuthorizationCodeAuthenticationToken> authenticationRequest(ServerWebExchange exchange,
        OAuth2AuthorizationRequest authorizationRequest) {
    return Mono.just(authorizationRequest)
        .map(OAuth2AuthorizationRequest::getAdditionalParameters)
        .flatMap(params -> {
            // The id comes from the authorization request object, not from convertResponse(exchange).
            // NOTE(review): presumably this request is the one saved before the redirect; confirm at the caller.
            String registrationId = (String) params.get(OAuth2ParameterNames.REGISTRATION_ID);
            if (registrationId != null) {
                return this.clientRegistrationRepository.findByRegistrationId(registrationId);
            }
            return oauth2AuthorizationException(CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE);
        })
        // An unknown registration id is reported with the same error code as a missing one.
        .switchIfEmpty(oauth2AuthorizationException(CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE))
        // No state or redirect-URI comparison happens in this method; the token only
        // carries the request/response pair forward.
        .map(registration -> new OAuth2AuthorizationCodeAuthenticationToken(
                registration,
                new OAuth2AuthorizationExchange(authorizationRequest, convertResponse(exchange))));
}
/**
 * Stubs the mocked authentication manager so that any {@code Authentication}
 * passed to {@code authenticate} yields a token built for the given registration
 * from the {@code success()}, {@code noScopes()} and {@code refreshToken()} fixtures.
 *
 * @param registration the client registration the stubbed result is bound to
 */
private void setUpAuthenticationResult(ClientRegistration registration) {
    // Build the result before stubbing so no other call runs between when(...) and thenReturn(...).
    OAuth2AuthorizationCodeAuthenticationToken result = new OAuth2AuthorizationCodeAuthenticationToken(
            registration, success(), noScopes(), refreshToken());
    when(this.authenticationManager.authenticate(any(Authentication.class)))
        .thenReturn(result);
}
}
/**
 * Returns a function that turns an access token response into a new
 * authentication token.
 *
 * <p>The client registration and authorization exchange are carried over from
 * the given token. The access token, refresh token and additional parameters
 * are taken from the response.
 *
 * @param token the token whose registration and exchange are reused
 * @return a mapping from the access token response to the new token
 */
private Function<OAuth2AccessTokenResponse, OAuth2AuthorizationCodeAuthenticationToken> onSuccess(
        OAuth2AuthorizationCodeAuthenticationToken token) {
    // The result holds the issued access and refresh tokens, so treat it as secret-bearing
    // wherever it is stored or logged.
    return response -> new OAuth2AuthorizationCodeAuthenticationToken(
            token.getClientRegistration(),
            token.getAuthorizationExchange(),
            response.getAccessToken(),
            response.getRefreshToken(),
            response.getAdditionalParameters());
}
}
/**
 * Verifies the state of a token built with a client registration, an
 * authorization exchange and an access token: the principal is the client id,
 * the credentials are the access token value, no authorities are granted, and
 * the token reports itself as authenticated.
 */
@Test
public void constructorTokenRequestResponseWhenAllParametersProvidedAndValidThenCreated() {
    OAuth2AuthorizationCodeAuthenticationToken token = new OAuth2AuthorizationCodeAuthenticationToken(
            this.clientRegistration, this.authorizationExchange, this.accessToken);

    assertThat(token.getPrincipal()).isEqualTo(this.clientRegistration.getClientId());
    // getCredentials() returns the raw access token value here, so it is a secret.
    assertThat(token.getCredentials()).isEqualTo(this.accessToken.getTokenValue());
    assertThat(token.getAuthorities()).isEqualTo(Collections.emptyList());
    assertThat(token.getClientRegistration()).isEqualTo(this.clientRegistration);
    assertThat(token.getAuthorizationExchange()).isEqualTo(this.authorizationExchange);
    assertThat(token.getAccessToken()).isEqualTo(this.accessToken);
    // Supplying an access token is what makes the instance authenticated.
    assertThat(token.isAuthenticated()).isEqualTo(true);
}
}
/**
 * Verifies the state of a token built with only a client registration and an
 * authorization exchange: the principal is the client id, the credentials are
 * the authorization code from the response, there is no access token, and the
 * token is not authenticated.
 */
@Test
public void constructorAuthorizationRequestResponseWhenAllParametersProvidedAndValidThenCreated() {
    OAuth2AuthorizationCodeAuthenticationToken token =
            new OAuth2AuthorizationCodeAuthenticationToken(this.clientRegistration, this.authorizationExchange);

    assertThat(token.getPrincipal()).isEqualTo(this.clientRegistration.getClientId());
    // Before the code exchange the credential is the authorization code itself.
    assertThat(token.getCredentials())
        .isEqualTo(this.authorizationExchange.getAuthorizationResponse().getCode());
    assertThat(token.getAuthorities()).isEqualTo(Collections.emptyList());
    assertThat(token.getClientRegistration()).isEqualTo(this.clientRegistration);
    assertThat(token.getAuthorizationExchange()).isEqualTo(this.authorizationExchange);
    assertThat(token.getAccessToken()).isNull();
    // Holding only an authorization code must never count as authenticated.
    assertThat(token.isAuthenticated()).isEqualTo(false);
}
/**
 * Creates a test token from the default test client registration and the
 * {@code success()} authorization exchange, with no access token.
 *
 * @return a token built with the two-argument (registration, exchange) constructor
 */
public static OAuth2AuthorizationCodeAuthenticationToken unauthenticated() {
    // Arguments are evaluated left to right: the registration is built before the exchange.
    return new OAuth2AuthorizationCodeAuthenticationToken(
            TestClientRegistrations.clientRegistration().build(),
            TestOAuth2AuthorizationExchanges.success());
}
/**
 * Runs the reactive manager under test against a token assembled from the
 * test's request, response and registration builders, blocking for the result.
 *
 * @return the manager's result, cast to {@link OAuth2AuthorizationCodeAuthenticationToken}
 */
private OAuth2AuthorizationCodeAuthenticationToken authenticate() {
    // Request and response are built first, then the registration, matching the builders' current state.
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(
            this.authorizationRequest.build(),
            this.authorizationResponse.build());
    OAuth2AuthorizationCodeAuthenticationToken request = new OAuth2AuthorizationCodeAuthenticationToken(
            this.registration.build(),
            authorizationExchange);
    // block() waits for the Mono to complete; any error it signals is thrown to the calling test.
    return (OAuth2AuthorizationCodeAuthenticationToken) this.manager.authenticate(request).block();
}
}
/**
 * Verifies that a custom authentication converter and authentication manager
 * supplied by {@code OAuth2ClientCustomConfig} are the ones invoked when the
 * authorization-code callback URI is requested, and that the request ends in a
 * 3xx redirect.
 */
@Test
public void oauth2ClientWhenCustomObjectsThenUsed() {
    this.spring
        .register(ClientRegistrationConfig.class, OAuth2ClientCustomConfig.class, AuthorizedClientController.class)
        .autowire();

    OAuth2ClientCustomConfig customConfig = this.spring.getContext().getBean(OAuth2ClientCustomConfig.class);
    ServerAuthenticationConverter customConverter = customConfig.authenticationConverter;
    ReactiveAuthenticationManager customManager = customConfig.manager;

    OAuth2AuthorizationExchange authorizationExchange = TestOAuth2AuthorizationExchanges.success();
    OAuth2AccessToken token = TestOAuth2AccessTokens.noScopes();
    OAuth2AuthorizationCodeAuthenticationToken authenticated =
            new OAuth2AuthorizationCodeAuthenticationToken(this.registration, authorizationExchange, token);

    // The converter returns an unrelated token type; the stubbed manager accepts anything.
    when(customConverter.convert(any())).thenReturn(Mono.just(new TestingAuthenticationToken("a", "b", "c")));
    when(customManager.authenticate(any())).thenReturn(Mono.just(authenticated));

    this.client.get()
        .uri("/authorize/oauth2/code/registration-id")
        .exchange()
        .expectStatus().is3xxRedirection();

    // Both custom components must have been consulted during the request.
    verify(customConverter).convert(any());
    verify(customManager).authenticate(any());
}
/**
 * Verifies that a successful authorization response is exchanged for an access
 * token: the provider returns an authenticated token whose credentials are the
 * access token value and which carries the access and refresh tokens from the
 * (mocked) token response.
 */
@Test
public void authenticateWhenAuthorizationSuccessResponseThenExchangedForAccessToken() {
    OAuth2AccessTokenResponse tokenResponse = accessTokenResponse().refreshToken("refresh").build();
    when(this.accessTokenResponseClient.getTokenResponse(any())).thenReturn(tokenResponse);

    OAuth2AuthorizationExchange exchange =
            new OAuth2AuthorizationExchange(this.authorizationRequest, success().build());
    OAuth2AuthorizationCodeAuthenticationToken result =
            (OAuth2AuthorizationCodeAuthenticationToken) this.authenticationProvider.authenticate(
                    new OAuth2AuthorizationCodeAuthenticationToken(this.clientRegistration, exchange));

    assertThat(result.isAuthenticated()).isTrue();
    assertThat(result.getPrincipal()).isEqualTo(this.clientRegistration.getClientId());
    // After the exchange the credential is the access token value, no longer the authorization code.
    assertThat(result.getCredentials())
        .isEqualTo(tokenResponse.getAccessToken().getTokenValue());
    assertThat(result.getAuthorities()).isEqualTo(Collections.emptyList());
    assertThat(result.getClientRegistration()).isEqualTo(this.clientRegistration);
    assertThat(result.getAuthorizationExchange()).isEqualTo(exchange);
    assertThat(result.getAccessToken()).isEqualTo(tokenResponse.getAccessToken());
    assertThat(result.getRefreshToken()).isEqualTo(tokenResponse.getRefreshToken());
}
}
/**
 * Verifies that the provider rejects an authorization response whose
 * {@code state} differs from the request's, failing with an
 * {@link OAuth2AuthorizationException} that mentions
 * {@code invalid_state_parameter}.
 *
 * <p>The {@code state} value is how an OAuth 2.0 client ties a callback to the
 * request it issued, which makes this check the CSRF defence of the flow.
 */
@Test
public void authenticateWhenAuthorizationResponseStateNotEqualAuthorizationRequestStateThenThrowOAuth2AuthorizationException() {
    // NOTE(review): "67890" presumably differs from the state in this.authorizationRequest; the fixture is not shown here.
    OAuth2AuthorizationResponse mismatchedResponse = success().state("67890").build();
    OAuth2AuthorizationExchange exchange =
            new OAuth2AuthorizationExchange(this.authorizationRequest, mismatchedResponse);

    assertThatThrownBy(() -> this.authenticationProvider.authenticate(
            new OAuth2AuthorizationCodeAuthenticationToken(this.clientRegistration, exchange)))
        .isInstanceOf(OAuth2AuthorizationException.class)
        .hasMessageContaining("invalid_state_parameter");
}
/**
 * Verifies that an error authorization response makes the provider fail with
 * an {@link OAuth2AuthorizationException} whose message contains the error
 * code from the response ({@code OAuth2ErrorCodes.INVALID_REQUEST}).
 */
@Test
public void authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthorizationException() {
    OAuth2AuthorizationResponse errorResponse = error().errorCode(OAuth2ErrorCodes.INVALID_REQUEST).build();
    OAuth2AuthorizationExchange exchange =
            new OAuth2AuthorizationExchange(this.authorizationRequest, errorResponse);

    // An error response must surface as an exception, never as an authenticated token.
    assertThatThrownBy(() -> this.authenticationProvider.authenticate(
            new OAuth2AuthorizationCodeAuthenticationToken(this.clientRegistration, exchange)))
        .isInstanceOf(OAuth2AuthorizationException.class)
        .hasMessageContaining(OAuth2ErrorCodes.INVALID_REQUEST);
}
/**
 * Verifies that the provider rejects an authorization response whose redirect
 * URI differs from the request's, failing with an
 * {@link OAuth2AuthorizationException} that mentions
 * {@code invalid_redirect_uri_parameter}.
 */
@Test
public void authenticateWhenAuthorizationResponseRedirectUriNotEqualAuthorizationRequestRedirectUriThenThrowOAuth2AuthorizationException() {
    // NOTE(review): the request fixture's redirect URI is not visible here; presumably it is not "http://example2.com".
    OAuth2AuthorizationResponse mismatchedResponse = success().redirectUri("http://example2.com").build();
    OAuth2AuthorizationExchange exchange =
            new OAuth2AuthorizationExchange(this.authorizationRequest, mismatchedResponse);

    // A response that arrived on a different redirect URI than the one requested must not be accepted.
    assertThatThrownBy(() -> this.authenticationProvider.authenticate(
            new OAuth2AuthorizationCodeAuthenticationToken(this.clientRegistration, exchange)))
        .isInstanceOf(OAuth2AuthorizationException.class)
        .hasMessageContaining("invalid_redirect_uri_parameter");
}
/**
 * Creates a test token from the default test client registration, the
 * {@code success()} authorization exchange, a no-scopes access token and a test
 * refresh token.
 *
 * @return a token built with the four-argument constructor that includes
 *     access and refresh tokens
 */
public static OAuth2AuthorizationCodeAuthenticationToken authenticated() {
    // Arguments are evaluated left to right, so the fixtures are created in the listed order.
    return new OAuth2AuthorizationCodeAuthenticationToken(
            TestClientRegistrations.clientRegistration().build(),
            TestOAuth2AuthorizationExchanges.success(),
            TestOAuth2AccessTokens.noScopes(),
            TestOAuth2RefreshTokens.refreshToken());
}
}
/**
 * Builds a token (registration plus exchange, no access token) whose
 * authorization request and response are consistent with the test's client
 * registration.
 *
 * <p>The request uses the registration's client id, authorization URI, redirect
 * URI template and scopes, with the fixed state {@code "state"}. The response
 * is given the same redirect URI.
 *
 * @return the token wrapping the registration and the request/response exchange
 */
private OAuth2AuthorizationCodeAuthenticationToken loginToken() {
    ClientRegistration client = this.registration.build();

    OAuth2AuthorizationRequest request = OAuth2AuthorizationRequest.authorizationCode()
        .state("state")
        .clientId(client.getClientId())
        .authorizationUri(client.getProviderDetails().getAuthorizationUri())
        .redirectUri(client.getRedirectUriTemplate())
        .scopes(client.getScopes())
        .build();

    // Request and response are given the same redirect URI.
    // NOTE(review): the response's state is whatever authorizationResponseBldr already holds; confirm it is "state".
    OAuth2AuthorizationResponse response = this.authorizationResponseBldr
        .redirectUri(client.getRedirectUriTemplate())
        .build();

    return new OAuth2AuthorizationCodeAuthenticationToken(
            client, new OAuth2AuthorizationExchange(request, response));
}
}
/**
 * Builds a token (registration plus exchange, no access token) whose
 * authorization request and response are consistent with the test's client
 * registration.
 *
 * <p>The request uses the registration's client id, authorization URI, redirect
 * URI template and scopes, with the fixed state {@code "state"}. The response
 * is given the same redirect URI.
 *
 * @return the token wrapping the registration and the request/response exchange
 */
private OAuth2AuthorizationCodeAuthenticationToken loginToken() {
    ClientRegistration client = this.registration.build();

    OAuth2AuthorizationRequest request = OAuth2AuthorizationRequest.authorizationCode()
        .state("state")
        .clientId(client.getClientId())
        .authorizationUri(client.getProviderDetails().getAuthorizationUri())
        .redirectUri(client.getRedirectUriTemplate())
        .scopes(client.getScopes())
        .build();

    // Request and response are given the same redirect URI.
    // NOTE(review): the response's state is whatever authorizationResponseBldr already holds; confirm it is "state".
    OAuth2AuthorizationResponse response = this.authorizationResponseBldr
        .redirectUri(client.getRedirectUriTemplate())
        .build();

    return new OAuth2AuthorizationCodeAuthenticationToken(
            client, new OAuth2AuthorizationExchange(request, response));
}
}