/**
 * Builds the filter under test before each test, using the three-argument
 * constructor that takes the authentication manager, the client registration
 * repository and the authorized client repository held in this test's fields.
 */
@Before
public void setup() {
    this.filter = new OAuth2AuthorizationCodeGrantWebFilter(
            this.authenticationManager,
            this.clientRegistrationRepository,
            this.authorizedClientRepository);
}
/**
 * The constructor must reject a {@code null} client registration repository
 * with an {@link IllegalArgumentException} instead of building a filter that
 * cannot resolve client registrations.
 */
@Test
public void constructorWhenClientRegistrationRepositoryNullThenIllegalArgumentException() {
    // The null goes through the typed field rather than a literal: other
    // call sites pass a ServerAuthenticationConverter in the same position,
    // so a bare null would presumably be ambiguous between the overloads.
    this.clientRegistrationRepository = null;

    assertThatCode(() -> {
        new OAuth2AuthorizationCodeGrantWebFilter(
                this.authenticationManager,
                this.clientRegistrationRepository,
                this.authorizedClientRepository);
    }).isInstanceOf(IllegalArgumentException.class);
}
/**
 * The constructor must reject a {@code null} authentication manager with an
 * {@link IllegalArgumentException}; without it the filter would have nothing
 * to authenticate the converted request against.
 */
@Test
public void constructorWhenAuthenticationManagerNullThenIllegalArgumentException() {
    // Clear the field first; the lambda reads it when it is invoked.
    this.authenticationManager = null;

    assertThatCode(() -> {
        new OAuth2AuthorizationCodeGrantWebFilter(
                this.authenticationManager,
                this.clientRegistrationRepository,
                this.authorizedClientRepository);
    }).isInstanceOf(IllegalArgumentException.class);
}
/**
 * The constructor must reject a {@code null} authorized client repository
 * with an {@link IllegalArgumentException}; the filter saves the authorized
 * client through this repository after a successful authentication.
 */
@Test
public void constructorWhenAuthorizedClientRepositoryNullThenIllegalArgumentException() {
    // Clear the field first; the lambda reads it when it is invoked.
    this.authorizedClientRepository = null;

    assertThatCode(() -> {
        new OAuth2AuthorizationCodeGrantWebFilter(
                this.authenticationManager,
                this.clientRegistrationRepository,
                this.authorizedClientRepository);
    }).isInstanceOf(IllegalArgumentException.class);
}
/**
 * Registers the OAuth 2.0 client filters on the given security builder: the
 * authorization code grant filter and the authorization request redirect
 * filter.
 *
 * @param http the security builder the filters are added to
 */
protected void configure(ServerHttpSecurity http) {
    // Collaborators are resolved in a fixed order before any filter is built.
    ReactiveClientRegistrationRepository registrations = getClientRegistrationRepository();
    ServerOAuth2AuthorizedClientRepository authorizedClients = getAuthorizedClientRepository();
    ServerAuthenticationConverter converter = getAuthenticationConverter();
    ReactiveAuthenticationManager manager = getAuthenticationManager();

    // Both filters are constructed before either is registered, so a failing
    // constructor leaves the filter chain untouched.
    OAuth2AuthorizationCodeGrantWebFilter codeGrantFilter =
            new OAuth2AuthorizationCodeGrantWebFilter(manager, converter, authorizedClients);
    OAuth2AuthorizationRequestRedirectWebFilter redirectFilter =
            new OAuth2AuthorizationRequestRedirectWebFilter(registrations);

    http.addFilterAt(codeGrantFilter, SecurityWebFiltersOrder.OAUTH2_AUTHORIZATION_CODE);
    // NOTE(review): the redirect filter is placed at the HTTP_BASIC position,
    // not at an OAuth2-specific one. Filter order decides which filter sees a
    // request first, so confirm this slot is intended.
    http.addFilterAt(redirectFilter, SecurityWebFiltersOrder.HTTP_BASIC);
}
/**
 * When the converter yields an authentication request and the manager
 * authenticates it, the filter must save the resulting authorized client
 * through the authorized client repository.
 */
@Test
public void filterWhenMatchThenAuthorizedClientSaved() {
    Mono<Authentication> unauthenticatedRequest = Mono.just(
            TestOAuth2AuthorizationCodeAuthenticationTokens.unauthenticated());
    OAuth2AuthorizationCodeAuthenticationToken authenticatedToken =
            TestOAuth2AuthorizationCodeAuthenticationTokens.authenticated();

    // Stub the collaborators: authentication succeeds and the save completes empty.
    when(this.authenticationManager.authenticate(any()))
            .thenReturn(Mono.just(authenticatedToken));
    when(this.authorizedClientRepository.saveAuthorizedClient(any(), any(), any()))
            .thenReturn(Mono.empty());

    // The converter ignores the exchange and always returns the prepared request.
    ServerAuthenticationConverter alwaysMatching = ex -> unauthenticatedRequest;
    this.filter = new OAuth2AuthorizationCodeGrantWebFilter(
            this.authenticationManager, alwaysMatching, this.authorizedClientRepository);

    MockServerHttpRequest.BaseBuilder<?> request =
            MockServerHttpRequest.get("/authorize/oauth2/code/registration-id");
    MockServerWebExchange webExchange = MockServerWebExchange.from(request);
    DefaultWebFilterChain filterChain = new DefaultWebFilterChain(
            ex -> ex.getResponse().setComplete());

    this.filter.filter(webExchange, filterChain).block();

    // This test sets up no authenticated principal, and the verification
    // expects the client to be saved under an AnonymousAuthenticationToken.
    // NOTE(review): confirm repository implementations keep clients saved for
    // an anonymous principal separate per session or exchange.
    verify(this.authorizedClientRepository).saveAuthorizedClient(
            any(), any(AnonymousAuthenticationToken.class), any());
}
}
/**
 * Registers the OAuth 2.0 client filters on the given security builder: the
 * authorization code grant filter and the authorization request redirect
 * filter.
 *
 * @param http the security builder the filters are added to
 */
protected void configure(ServerHttpSecurity http) {
    // Collaborators are resolved in a fixed order before any filter is built.
    ReactiveClientRegistrationRepository registrations = getClientRegistrationRepository();
    ServerOAuth2AuthorizedClientRepository authorizedClients = getAuthorizedClientRepository();
    ServerAuthenticationConverter converter = getAuthenticationConverter();
    ReactiveAuthenticationManager manager = getAuthenticationManager();

    // Both filters are constructed before either is registered, so a failing
    // constructor leaves the filter chain untouched.
    OAuth2AuthorizationCodeGrantWebFilter codeGrantFilter =
            new OAuth2AuthorizationCodeGrantWebFilter(manager, converter, authorizedClients);
    OAuth2AuthorizationRequestRedirectWebFilter redirectFilter =
            new OAuth2AuthorizationRequestRedirectWebFilter(registrations);

    http.addFilterAt(codeGrantFilter, SecurityWebFiltersOrder.OAUTH2_AUTHORIZATION_CODE);
    // NOTE(review): the redirect filter is placed at the HTTP_BASIC position,
    // not at an OAuth2-specific one. Filter order decides which filter sees a
    // request first, so confirm this slot is intended.
    http.addFilterAt(redirectFilter, SecurityWebFiltersOrder.HTTP_BASIC);
}
/**
 * Registers the OAuth 2.0 client filters on the given security builder: the
 * authorization code grant filter and the authorization request redirect
 * filter.
 *
 * @param http the security builder the filters are added to
 */
protected void configure(ServerHttpSecurity http) {
    // Collaborators are resolved in a fixed order before any filter is built.
    ReactiveClientRegistrationRepository registrations = getClientRegistrationRepository();
    ServerOAuth2AuthorizedClientRepository authorizedClients = getAuthorizedClientRepository();
    ServerAuthenticationConverter converter = getAuthenticationConverter();
    ReactiveAuthenticationManager manager = getAuthenticationManager();

    // Both filters are constructed before either is registered, so a failing
    // constructor leaves the filter chain untouched.
    OAuth2AuthorizationCodeGrantWebFilter codeGrantFilter =
            new OAuth2AuthorizationCodeGrantWebFilter(manager, converter, authorizedClients);
    OAuth2AuthorizationRequestRedirectWebFilter redirectFilter =
            new OAuth2AuthorizationRequestRedirectWebFilter(registrations);

    http.addFilterAt(codeGrantFilter, SecurityWebFiltersOrder.OAUTH2_AUTHORIZATION_CODE);
    // NOTE(review): the redirect filter is placed at the HTTP_BASIC position,
    // not at an OAuth2-specific one. Filter order decides which filter sees a
    // request first, so confirm this slot is intended.
    http.addFilterAt(redirectFilter, SecurityWebFiltersOrder.HTTP_BASIC);
}