/**
 * Loads the UserInfo claims for this login when the request calls for it.
 *
 * <p>Returns {@code Mono.empty()} when {@link OidcUserRequestUtils#shouldRetrieveUserInfo}
 * says the UserInfo Endpoint should not be called. Otherwise delegates to the configured
 * {@code oauth2UserService}, wraps the returned attributes in an {@link OidcUserInfo} and
 * then checks the binding between the UserInfo response and the ID Token: the {@code sub}
 * claim of the UserInfo response must be present and exactly equal to the {@code sub} of
 * the ID Token (the OpenID Connect Core requirement for UserInfo responses). A missing or
 * different subject is treated as an attacker-controllable response and rejected.
 *
 * @param userRequest the user request carrying the ID Token and client registration
 * @return the verified UserInfo, or an empty Mono when no UserInfo call is needed; the Mono
 * fails with an {@link OAuth2AuthenticationException} carrying
 * {@code INVALID_USER_INFO_RESPONSE_ERROR_CODE} when the subject check fails (the exception
 * is thrown inside {@code doOnNext}, which Reactor propagates as an error signal)
 */
private Mono<OidcUserInfo> getUserInfo(OidcUserRequest userRequest) {
	boolean retrieve = OidcUserRequestUtils.shouldRetrieveUserInfo(userRequest);
	if (!retrieve) {
		return Mono.empty();
	}
	Mono<OidcUserInfo> userInfo = this.oauth2UserService.loadUser(userRequest)
			.map(OAuth2User::getAttributes)
			.map(OidcUserInfo::new);
	return userInfo.doOnNext(info -> rejectUnlessSubjectMatchesIdToken(info, userRequest));
}

/**
 * Fails the UserInfo response unless its {@code sub} equals the ID Token's {@code sub}.
 *
 * <p>A {@code null} UserInfo subject never matches, even if the ID Token subject were also
 * {@code null}; the comparison is only ever made on a non-null UserInfo subject.
 *
 * @param userInfo the UserInfo response under verification
 * @param userRequest the request whose ID Token supplies the expected subject
 * @throws OAuth2AuthenticationException with {@code INVALID_USER_INFO_RESPONSE_ERROR_CODE}
 * when the subjects differ or the UserInfo subject is absent
 */
private static void rejectUnlessSubjectMatchesIdToken(OidcUserInfo userInfo, OidcUserRequest userRequest) {
	String userInfoSubject = userInfo.getSubject();
	String idTokenSubject = userRequest.getIdToken().getSubject();
	boolean subjectsMatch = userInfoSubject != null && userInfoSubject.equals(idTokenSubject);
	if (subjectsMatch) {
		return;
	}
	OAuth2Error error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE);
	throw new OAuth2AuthenticationException(error, error.toString());
}
/**
 * Baseline: with the fixture as built by {@code userRequest()} (presumably a registration with a
 * UserInfo URI whose scopes overlap the token's, per the test name), the UserInfo Endpoint should
 * be called.
 */
@Test
public void shouldRetrieveUserInfoWhenEndpointDefinedAndScopesOverlapThenTrue() {
	boolean retrieve = OidcUserRequestUtils.shouldRetrieveUserInfo(userRequest());
	assertThat(retrieve).isTrue();
}
/**
 * When the client registration asks for a scope that is not in the token ("notintoken"), the
 * UserInfo Endpoint must not be called: a userinfo lookup whose scopes the token does not cover
 * yields nothing usable and is skipped.
 */
@Test
public void shouldRetrieveUserInfoWhenDifferentScopesThenFalse() {
	// Replace the fixture's scopes with one the token was not issued for.
	this.registration.scope("notintoken");
	boolean retrieve = OidcUserRequestUtils.shouldRetrieveUserInfo(userRequest());
	assertThat(retrieve).isFalse();
}
/**
 * The UserInfo Endpoint is only consulted for the authorization_code grant; switching the
 * registration to the implicit grant must disable the lookup.
 */
@Test
public void shouldRetrieveUserInfoWhenNotAuthorizationCodeThenFalse() {
	// Implicit flow: the access token was never exchanged server-side, so no userinfo call.
	this.registration.authorizationGrantType(AuthorizationGrantType.IMPLICIT);
	boolean retrieve = OidcUserRequestUtils.shouldRetrieveUserInfo(userRequest());
	assertThat(retrieve).isFalse();
}
/**
 * Without a configured UserInfo URI there is nothing to call, so the lookup must be skipped
 * rather than attempted against a null endpoint.
 */
@Test
public void shouldRetrieveUserInfoWhenNoUserInfoUriThenFalse() {
	this.registration.userInfoUri(null);
	boolean retrieve = OidcUserRequestUtils.shouldRetrieveUserInfo(userRequest());
	assertThat(retrieve).isFalse();
}
/**
 * Retrieves and verifies the UserInfo response for the given request.
 *
 * <p>Skips the UserInfo Endpoint entirely (empty Mono) when
 * {@link OidcUserRequestUtils#shouldRetrieveUserInfo} returns {@code false}. When the endpoint is
 * called, the attributes returned by {@code oauth2UserService} become an {@link OidcUserInfo},
 * and the response is only accepted if its {@code sub} claim is non-null and exactly equals the
 * ID Token's {@code sub}. Binding the UserInfo response to the ID Token this way prevents an
 * endpoint from substituting another user's claims (OpenID Connect Core, UserInfo response
 * validation).
 *
 * @param userRequest the request carrying the ID Token and client registration
 * @return an empty Mono when UserInfo is not needed, otherwise the verified UserInfo; the Mono
 * errors with an {@link OAuth2AuthenticationException} (error code
 * {@code INVALID_USER_INFO_RESPONSE_ERROR_CODE}) when the subject check fails — the throw
 * happens inside {@code doOnNext}, which Reactor turns into an error signal
 */
private Mono<OidcUserInfo> getUserInfo(OidcUserRequest userRequest) {
	if (!OidcUserRequestUtils.shouldRetrieveUserInfo(userRequest)) {
		return Mono.empty();
	}
	return this.oauth2UserService.loadUser(userRequest)
			.map(OAuth2User::getAttributes)
			.map(OidcUserInfo::new)
			.doOnNext(userInfo -> {
				String userInfoSubject = userInfo.getSubject();
				String idTokenSubject = userRequest.getIdToken().getSubject();
				// A null UserInfo subject is never acceptable, so compare only on the non-null side.
				boolean subjectBound = (userInfoSubject != null) && userInfoSubject.equals(idTokenSubject);
				if (!subjectBound) {
					OAuth2Error error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE);
					throw new OAuth2AuthenticationException(error, error.toString());
				}
			});
}