@Test(expected = IllegalArgumentException.class) public void constructorTokenRequestResponseWhenAuthorizationExchangeIsNullThenThrowIllegalArgumentException() { new OAuth2LoginAuthenticationToken(this.clientRegistration, null, this.principal, this.authorities, this.accessToken); }
@Test public void constructorTokenRequestResponseWhenAuthoritiesIsEmptyThenCreated() { new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange, this.principal, Collections.emptyList(), this.accessToken); }
@Test(expected = IllegalArgumentException.class) public void constructorTokenRequestResponseWhenPrincipalIsNullThenThrowIllegalArgumentException() { new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange, null, this.authorities, this.accessToken); }
@Test(expected = IllegalArgumentException.class) public void constructorTokenRequestResponseWhenClientRegistrationIsNullThenThrowIllegalArgumentException() { new OAuth2LoginAuthenticationToken(null, this.authorizationExchange, this.principal, this.authorities, this.accessToken); }
@Test(expected = IllegalArgumentException.class) public void constructorAuthorizationRequestResponseWhenClientRegistrationIsNullThenThrowIllegalArgumentException() { new OAuth2LoginAuthenticationToken(null, this.authorizationExchange); }
@Test(expected = IllegalArgumentException.class) public void constructorAuthorizationRequestResponseWhenAuthorizationExchangeIsNullThenThrowIllegalArgumentException() { new OAuth2LoginAuthenticationToken(this.clientRegistration, null); }
@Test public void constructorTokenRequestResponseWhenAuthoritiesIsNullThenCreated() { new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange, this.principal, null, this.accessToken); }
@Test(expected = IllegalArgumentException.class) public void constructorTokenRequestResponseWhenAccessTokenIsNullThenThrowIllegalArgumentException() { new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange, this.principal, this.authorities, null); }
@Test public void constructorTokenRequestResponseWhenAllParametersProvidedAndValidThenCreated() { OAuth2LoginAuthenticationToken authentication = new OAuth2LoginAuthenticationToken( this.clientRegistration, this.authorizationExchange, this.principal, this.authorities, this.accessToken); assertThat(authentication.getPrincipal()).isEqualTo(this.principal); assertThat(authentication.getCredentials()).isEqualTo(""); assertThat(authentication.getAuthorities()).isEqualTo(this.authorities); assertThat(authentication.getClientRegistration()).isEqualTo(this.clientRegistration); assertThat(authentication.getAuthorizationExchange()).isEqualTo(this.authorizationExchange); assertThat(authentication.getAccessToken()).isEqualTo(this.accessToken); assertThat(authentication.isAuthenticated()).isEqualTo(true); } }
@Test public void constructorAuthorizationRequestResponseWhenAllParametersProvidedAndValidThenCreated() { OAuth2LoginAuthenticationToken authentication = new OAuth2LoginAuthenticationToken( this.clientRegistration, this.authorizationExchange); assertThat(authentication.getPrincipal()).isNull(); assertThat(authentication.getCredentials()).isEqualTo(""); assertThat(authentication.getAuthorities()).isEqualTo(Collections.emptyList()); assertThat(authentication.getClientRegistration()).isEqualTo(this.clientRegistration); assertThat(authentication.getAuthorizationExchange()).isEqualTo(this.authorizationExchange); assertThat(authentication.getAccessToken()).isNull(); assertThat(authentication.isAuthenticated()).isEqualTo(false); }
@Test public void authenticateWhenIdTokenValidationErrorThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString("[invalid_id_token] ID Token Validation Error")); JwtDecoder jwtDecoder = mock(JwtDecoder.class); when(jwtDecoder.decode(anyString())).thenThrow(new JwtException("ID Token Validation Error")); this.authenticationProvider.setJwtDecoderFactory(registration -> jwtDecoder); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); }
@Test public void authenticateWhenTokenResponseDoesNotContainIdTokenThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString("invalid_id_token")); OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withResponse(this.accessTokenSuccessResponse()) .additionalParameters(Collections.emptyMap()) .build(); when(this.accessTokenResponseClient.getTokenResponse(any())).thenReturn(accessTokenResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); }
@Test public void authenticateWhenAuthorizationRequestContainsOpenidScopeThenReturnNull() { OAuth2AuthorizationRequest authorizationRequest = request().scope("openid").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, this.authorizationResponse); OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); assertThat(authentication).isNull(); }
@Test public void authenticateWhenAuthorizationRequestDoesNotContainOpenidScopeThenReturnNull() { OAuth2AuthorizationRequest authorizationRequest = request().scope("scope1").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, this.authorizationResponse); OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); assertThat(authentication).isNull(); }
@Test public void authenticateWhenAuthorizationResponseRedirectUriNotEqualAuthorizationRequestRedirectUriThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString("invalid_redirect_uri_parameter")); OAuth2AuthorizationResponse authorizationResponse = success().redirectUri("http://example2.com").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }
@Test public void authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString(OAuth2ErrorCodes.INVALID_SCOPE)); OAuth2AuthorizationResponse authorizationResponse = error().errorCode(OAuth2ErrorCodes.INVALID_SCOPE).build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }
@Test public void authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString(OAuth2ErrorCodes.INVALID_REQUEST)); OAuth2AuthorizationResponse authorizationResponse = error().errorCode(OAuth2ErrorCodes.INVALID_REQUEST).build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }
@Test public void authenticateWhenAuthorizationResponseStateNotEqualAuthorizationRequestStateThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString("invalid_state_parameter")); OAuth2AuthorizationResponse authorizationResponse = success().state("67890").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }
@Test public void authenticateWhenAuthorizationResponseStateNotEqualAuthorizationRequestStateThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString("invalid_state_parameter")); OAuth2AuthorizationResponse authorizationResponse = success().state("89012").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }
@Test public void authenticateWhenAuthorizationResponseRedirectUriNotEqualAuthorizationRequestRedirectUriThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString("invalid_redirect_uri_parameter")); OAuth2AuthorizationResponse authorizationResponse = success().redirectUri("http://example2.com").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }