@Test public void constructorWhenAccessTokenResponseClientIsNullThenThrowIllegalArgumentException() { this.exception.expect(IllegalArgumentException.class); new OAuth2LoginAuthenticationProvider(null, this.userService); }
@Test public void authenticateWhenAuthoritiesMapperSetThenReturnMappedAuthorities() { OAuth2AccessTokenResponse accessTokenResponse = this.accessTokenSuccessResponse(); when(this.accessTokenResponseClient.getTokenResponse(any())).thenReturn(accessTokenResponse); OAuth2User principal = mock(OAuth2User.class); List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER"); when(principal.getAuthorities()).thenAnswer( (Answer<List<GrantedAuthority>>) invocation -> authorities); when(this.userService.loadUser(any())).thenReturn(principal); List<GrantedAuthority> mappedAuthorities = AuthorityUtils.createAuthorityList("ROLE_OAUTH2_USER"); GrantedAuthoritiesMapper authoritiesMapper = mock(GrantedAuthoritiesMapper.class); when(authoritiesMapper.mapAuthorities(anyCollection())).thenAnswer( (Answer<List<GrantedAuthority>>) invocation -> mappedAuthorities); this.authenticationProvider.setAuthoritiesMapper(authoritiesMapper); OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(authentication.getAuthorities()).isEqualTo(mappedAuthorities); }
@Test public void supportsWhenTypeOAuth2LoginAuthenticationTokenThenReturnTrue() { assertThat(this.authenticationProvider.supports(OAuth2LoginAuthenticationToken.class)).isTrue(); }
new OAuth2LoginAuthenticationProvider(accessTokenResponseClient, oauth2UserService); GrantedAuthoritiesMapper userAuthoritiesMapper = this.getGrantedAuthoritiesMapper(); if (userAuthoritiesMapper != null) { oauth2LoginAuthenticationProvider.setAuthoritiesMapper(userAuthoritiesMapper);
@Test public void setAuthoritiesMapperWhenAuthoritiesMapperIsNullThenThrowIllegalArgumentException() { this.exception.expect(IllegalArgumentException.class); this.authenticationProvider.setAuthoritiesMapper(null); }
@Test public void authenticateWhenTokenSuccessResponseThenAdditionalParametersAddedToUserRequest() { OAuth2AccessTokenResponse accessTokenResponse = this.accessTokenSuccessResponse(); when(this.accessTokenResponseClient.getTokenResponse(any())).thenReturn(accessTokenResponse); OAuth2User principal = mock(OAuth2User.class); List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER"); when(principal.getAuthorities()).thenAnswer( (Answer<List<GrantedAuthority>>) invocation -> authorities); ArgumentCaptor<OAuth2UserRequest> userRequestArgCaptor = ArgumentCaptor.forClass(OAuth2UserRequest.class); when(this.userService.loadUser(userRequestArgCaptor.capture())).thenReturn(principal); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(userRequestArgCaptor.getValue().getAdditionalParameters()).containsAllEntriesOf( accessTokenResponse.getAdditionalParameters()); }
new OAuth2LoginAuthenticationProvider(accessTokenResponseClient, oauth2UserService); GrantedAuthoritiesMapper userAuthoritiesMapper = this.getGrantedAuthoritiesMapper(); if (userAuthoritiesMapper != null) { oauth2LoginAuthenticationProvider.setAuthoritiesMapper(userAuthoritiesMapper);
@Test public void authenticateWhenLoginSuccessThenReturnAuthentication() { OAuth2AccessTokenResponse accessTokenResponse = this.accessTokenSuccessResponse(); when(this.accessTokenResponseClient.getTokenResponse(any())).thenReturn(accessTokenResponse); OAuth2User principal = mock(OAuth2User.class); List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER"); when(principal.getAuthorities()).thenAnswer( (Answer<List<GrantedAuthority>>) invocation -> authorities); when(this.userService.loadUser(any())).thenReturn(principal); OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(authentication.isAuthenticated()).isTrue(); assertThat(authentication.getPrincipal()).isEqualTo(principal); assertThat(authentication.getCredentials()).isEqualTo(""); assertThat(authentication.getAuthorities()).isEqualTo(authorities); assertThat(authentication.getClientRegistration()).isEqualTo(this.clientRegistration); assertThat(authentication.getAuthorizationExchange()).isEqualTo(this.authorizationExchange); assertThat(authentication.getAccessToken()).isEqualTo(accessTokenResponse.getAccessToken()); assertThat(authentication.getRefreshToken()).isEqualTo(accessTokenResponse.getRefreshToken()); }
new OAuth2LoginAuthenticationProvider(accessTokenResponseClient, oauth2UserService); GrantedAuthoritiesMapper userAuthoritiesMapper = this.getGrantedAuthoritiesMapper(); if (userAuthoritiesMapper != null) { oauth2LoginAuthenticationProvider.setAuthoritiesMapper(userAuthoritiesMapper);
@Test public void constructorWhenUserServiceIsNullThenThrowIllegalArgumentException() { this.exception.expect(IllegalArgumentException.class); new OAuth2LoginAuthenticationProvider(this.accessTokenResponseClient, null); }
@Test public void authenticateWhenAuthorizationRequestContainsOpenidScopeThenReturnNull() { OAuth2AuthorizationRequest authorizationRequest = request().scope("openid").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, this.authorizationResponse); OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); assertThat(authentication).isNull(); }
@Before @SuppressWarnings("unchecked") public void setUp() throws Exception { this.clientRegistration = clientRegistration().build(); this.authorizationRequest = request().scope("scope1", "scope2").build(); this.authorizationResponse = success().build(); this.authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, this.authorizationResponse); this.accessTokenResponseClient = mock(OAuth2AccessTokenResponseClient.class); this.userService = mock(OAuth2UserService.class); this.authenticationProvider = new OAuth2LoginAuthenticationProvider(this.accessTokenResponseClient, this.userService); }
@Test public void authenticateWhenAuthorizationResponseRedirectUriNotEqualAuthorizationRequestRedirectUriThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString("invalid_redirect_uri_parameter")); OAuth2AuthorizationResponse authorizationResponse = success().redirectUri("http://example2.com").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }
@Test public void authenticateWhenAuthorizationErrorResponseThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString(OAuth2ErrorCodes.INVALID_REQUEST)); OAuth2AuthorizationResponse authorizationResponse = error().errorCode(OAuth2ErrorCodes.INVALID_REQUEST).build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }
@Test public void authenticateWhenAuthorizationResponseStateNotEqualAuthorizationRequestStateThenThrowOAuth2AuthenticationException() { this.exception.expect(OAuth2AuthenticationException.class); this.exception.expectMessage(containsString("invalid_state_parameter")); OAuth2AuthorizationResponse authorizationResponse = success().state("67890").build(); OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(this.authorizationRequest, authorizationResponse); this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange)); }