117 lines
5.6 KiB
Java
117 lines
5.6 KiB
Java
/*
|
|
* Copyright 2020-2021 the original author or authors.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* https://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
package org.springframework.security.oauth2.server.authorization;
|
|
|
|
import org.junit.Test;
|
|
|
|
import org.springframework.security.authentication.TestingAuthenticationToken;
|
|
import org.springframework.security.core.Authentication;
|
|
import org.springframework.security.oauth2.core.AuthorizationGrantType;
|
|
import org.springframework.security.oauth2.core.OAuth2TokenType;
|
|
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
|
|
import org.springframework.security.oauth2.jwt.JoseHeader;
|
|
import org.springframework.security.oauth2.jwt.JwtClaimsSet;
|
|
import org.springframework.security.oauth2.jwt.TestJoseHeaders;
|
|
import org.springframework.security.oauth2.jwt.TestJwtClaimsSets;
|
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
|
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
|
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
|
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
|
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
|
|
|
|
import static org.assertj.core.api.Assertions.assertThat;
|
|
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
|
|
|
/**
|
|
* Tests for {@link JwtEncodingContext}.
|
|
*
|
|
* @author Joe Grandja
|
|
*/
|
|
public class JwtEncodingContextTests {
|
|
|
|
@Test
|
|
public void withWhenHeadersNullThenThrowIllegalArgumentException() {
|
|
assertThatThrownBy(() -> JwtEncodingContext.with(null, TestJwtClaimsSets.jwtClaimsSet()))
|
|
.isInstanceOf(IllegalArgumentException.class)
|
|
.hasMessage("headersBuilder cannot be null");
|
|
}
|
|
|
|
@Test
|
|
public void withWhenClaimsNullThenThrowIllegalArgumentException() {
|
|
assertThatThrownBy(() -> JwtEncodingContext.with(TestJoseHeaders.joseHeader(), null))
|
|
.isInstanceOf(IllegalArgumentException.class)
|
|
.hasMessage("claimsBuilder cannot be null");
|
|
}
|
|
|
|
@Test
|
|
public void setWhenValueNullThenThrowIllegalArgumentException() {
|
|
JwtEncodingContext.Builder builder = JwtEncodingContext
|
|
.with(TestJoseHeaders.joseHeader(), TestJwtClaimsSets.jwtClaimsSet());
|
|
assertThatThrownBy(() -> builder.registeredClient(null))
|
|
.isInstanceOf(IllegalArgumentException.class);
|
|
assertThatThrownBy(() -> builder.principal(null))
|
|
.isInstanceOf(IllegalArgumentException.class);
|
|
assertThatThrownBy(() -> builder.authorization(null))
|
|
.isInstanceOf(IllegalArgumentException.class);
|
|
assertThatThrownBy(() -> builder.tokenType(null))
|
|
.isInstanceOf(IllegalArgumentException.class);
|
|
assertThatThrownBy(() -> builder.authorizationGrantType(null))
|
|
.isInstanceOf(IllegalArgumentException.class);
|
|
assertThatThrownBy(() -> builder.authorizationGrant(null))
|
|
.isInstanceOf(IllegalArgumentException.class);
|
|
assertThatThrownBy(() -> builder.put(null, ""))
|
|
.isInstanceOf(IllegalArgumentException.class);
|
|
}
|
|
|
|
@Test
|
|
public void buildWhenAllValuesProvidedThenAllValuesAreSet() {
|
|
JoseHeader.Builder headers = TestJoseHeaders.joseHeader();
|
|
JwtClaimsSet.Builder claims = TestJwtClaimsSets.jwtClaimsSet();
|
|
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
|
|
TestingAuthenticationToken principal = new TestingAuthenticationToken("principal", "password");
|
|
OAuth2Authorization authorization = TestOAuth2Authorizations.authorization().build();
|
|
OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
|
|
OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
|
|
OAuth2AuthorizationRequest.class.getName());
|
|
OAuth2AuthorizationCodeAuthenticationToken authorizationGrant =
|
|
new OAuth2AuthorizationCodeAuthenticationToken(
|
|
"code", clientPrincipal, authorizationRequest.getRedirectUri(), null);
|
|
|
|
JwtEncodingContext context = JwtEncodingContext.with(headers, claims)
|
|
.registeredClient(registeredClient)
|
|
.principal(principal)
|
|
.authorization(authorization)
|
|
.tokenType(OAuth2TokenType.ACCESS_TOKEN)
|
|
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
|
|
.authorizationGrant(authorizationGrant)
|
|
.put("custom-key-1", "custom-value-1")
|
|
.context(ctx -> ctx.put("custom-key-2", "custom-value-2"))
|
|
.build();
|
|
|
|
assertThat(context.getHeaders()).isEqualTo(headers);
|
|
assertThat(context.getClaims()).isEqualTo(claims);
|
|
assertThat(context.getRegisteredClient()).isEqualTo(registeredClient);
|
|
assertThat(context.<Authentication>getPrincipal()).isEqualTo(principal);
|
|
assertThat(context.getAuthorization()).isEqualTo(authorization);
|
|
assertThat(context.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN);
|
|
assertThat(context.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
|
|
assertThat(context.<OAuth2AuthorizationGrantAuthenticationToken>getAuthorizationGrant()).isEqualTo(authorizationGrant);
|
|
assertThat(context.<String>get("custom-key-1")).isEqualTo("custom-value-1");
|
|
assertThat(context.<String>get("custom-key-2")).isEqualTo("custom-value-2");
|
|
}
|
|
|
|
}
|