/**
 * Creates the {@link ClientRequest.Builder} for this request specification.
 *
 * <p>When a {@code defaultRequest} consumer is configured it is applied to this spec first,
 * so whatever it contributes is in place before {@code initHeaders()}, {@code initCookies()}
 * and the attribute map are read.
 *
 * @return a builder seeded with the HTTP method, URI, headers, cookies and attributes
 */
private ClientRequest.Builder initRequestBuilder() {
    if (defaultRequest != null) {
        // Let the shared default-request customizer adjust this spec before it is read.
        defaultRequest.accept(this);
    }
    ClientRequest.Builder builder = ClientRequest.create(this.httpMethod, initUri());
    builder = builder.headers(target -> target.addAll(initHeaders()));
    builder = builder.cookies(target -> target.addAll(initCookies()));
    return builder.attributes(target -> target.putAll(this.attributes));
}
/**
 * Checks that when the request names only a client registration id and the subscriber
 * context is populated through {@code serverWebExchange()}, the authorized client is
 * looked up with {@code this.serverWebExchange} rather than an arbitrary exchange.
 */
@Test
public void filterWhenClientRegistrationIdAndServerWebExchangeFromContextThenServerWebExchangeFromContext() {
    // Stub both repositories so the registration id resolves to a stored authorized client.
    when(this.clientRegistrationRepository.findByRegistrationId(any())).thenReturn(Mono.just(this.registration));
    OAuth2RefreshToken storedRefreshToken = new OAuth2RefreshToken("refresh-token", this.accessToken.getIssuedAt());
    OAuth2AuthorizedClient storedClient = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken, storedRefreshToken);
    when(this.authorizedClientRepository.loadAuthorizedClient(any(), any(), any())).thenReturn(Mono.just(storedClient));

    String registrationId = this.registration.getRegistrationId();
    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(clientRegistrationId(registrationId))
            .build();

    this.function.filter(outgoing, this.exchange)
            .subscriberContext(serverWebExchange())
            .block();

    // The lookup must be keyed by the registration id and the exchange taken from the context.
    verify(this.authorizedClientRepository)
            .loadAuthorizedClient(eq(this.registration.getRegistrationId()), any(), eq(this.serverWebExchange));
}
/**
 * Checks that a request carrying only a client registration id is resolved to the stored
 * authorized client and forwarded exactly once, unchanged apart from the bearer
 * {@code Authorization} header.
 */
@Test
public void filterWhenClientRegistrationIdThenAuthorizedClientResolved() {
    // Stub both repositories so the registration id resolves to a stored authorized client.
    when(this.clientRegistrationRepository.findByRegistrationId(any())).thenReturn(Mono.just(this.registration));
    OAuth2RefreshToken storedRefreshToken = new OAuth2RefreshToken("refresh-token", this.accessToken.getIssuedAt());
    OAuth2AuthorizedClient storedClient = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken, storedRefreshToken);
    when(this.authorizedClientRepository.loadAuthorizedClient(any(), any(), any())).thenReturn(Mono.just(storedClient));

    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(clientRegistrationId(this.registration.getRegistrationId()))
            .build();

    this.function.filter(outgoing, this.exchange).block();

    // Exactly one downstream request, carrying the token and otherwise untouched.
    List<ClientRequest> sent = this.exchange.getRequests();
    assertThat(sent).hasSize(1);
    ClientRequest forwarded = sent.get(0);
    assertThat(forwarded.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer token-0");
    assertThat(forwarded.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(forwarded.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(forwarded)).isEmpty();
}
"principalName", this.accessToken, refreshToken); ClientRequest request = ClientRequest.create(GET, URI.create("https://example.com")) .attributes(oauth2AuthorizedClient(authorizedClient)) .build();
"principalName", accessToken, null); ClientRequest request = ClientRequest.create(GET, URI.create("https://example.com")) .attributes(oauth2AuthorizedClient(authorizedClient)) .build();
"principalName", this.accessToken, refreshToken); ClientRequest request = ClientRequest.create(GET, URI.create("https://example.com")) .attributes(oauth2AuthorizedClient(authorizedClient)) .build();
"principalName", this.accessToken, refreshToken); ClientRequest request = ClientRequest.create(GET, URI.create("https://example.com")) .attributes(oauth2AuthorizedClient(authorizedClient)) .attributes(authentication(this.authentication)) .build();
"principalName", this.accessToken, null); ClientRequest request = ClientRequest.create(GET, URI.create("https://example.com")) .attributes(oauth2AuthorizedClient(authorizedClient)) .attributes(authentication(this.authentication)) .build();
/**
 * Checks that, for a client-credentials registration whose authorized client is supplied on
 * the request, the filter reuses the current access token: the resolver is never asked for a
 * new client-credentials grant and the single forwarded request carries the existing token.
 */
@Test
public void filterWhenClientCredentialsTokenNotExpiredThenUseCurrentToken() {
    TestingAuthenticationToken principal = new TestingAuthenticationToken("test", "this");
    ClientRegistration clientCredentialsRegistration = TestClientRegistrations.clientCredentials().build();

    this.function = new ServerOAuth2AuthorizedClientExchangeFilterFunction(
            this.authorizedClientRepository, this.authorizedClientResolver);

    // No refresh token is passed (null), so only the access token is available.
    OAuth2AuthorizedClient currentClient = new OAuth2AuthorizedClient(
            clientCredentialsRegistration, "principalName", this.accessToken, null);
    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(oauth2AuthorizedClient(currentClient))
            .build();

    this.function.filter(outgoing, this.exchange)
            .subscriberContext(ReactiveSecurityContextHolder.withAuthentication(principal))
            .block();

    // No new token may be requested while the current one is being used.
    verify(this.authorizedClientResolver, never()).clientCredentials(any(), any(), any());
    verify(this.authorizedClientResolver, never()).createDefaultedRequest(any(), any(), any());

    List<ClientRequest> sent = this.exchange.getRequests();
    assertThat(sent).hasSize(1);
    ClientRequest forwarded = sent.get(0);
    assertThat(forwarded.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer token-0");
    assertThat(forwarded.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(forwarded.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(forwarded)).isEmpty();
}
/**
 * Checks that, for a client-credentials registration whose authorized client is supplied on
 * the request, the servlet filter reuses the current access token: nothing is saved to the
 * authorized-client repository, the token endpoint client is never called, and the single
 * forwarded request carries the existing token.
 */
@Test
public void filterWhenClientCredentialsTokenNotExpiredThenUseCurrentToken() {
    this.registration = TestClientRegistrations.clientCredentials().build();
    this.function = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
            this.clientRegistrationRepository, this.authorizedClientRepository);
    this.function.setClientCredentialsTokenResponseClient(this.clientCredentialsTokenResponseClient);

    // No refresh token is passed (null), so only the access token is available.
    OAuth2AuthorizedClient currentClient = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken, null);
    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(oauth2AuthorizedClient(currentClient))
            .attributes(authentication(this.authentication))
            .build();

    this.function.filter(outgoing, this.exchange).block();

    // Neither a repository write nor a token request may happen while the current token is used.
    verify(this.authorizedClientRepository, never()).saveAuthorizedClient(any(), eq(this.authentication), any(), any());
    verify(this.clientCredentialsTokenResponseClient, never()).getTokenResponse(any());

    List<ClientRequest> sent = this.exchange.getRequests();
    assertThat(sent).hasSize(1);
    ClientRequest forwarded = sent.get(0);
    assertThat(forwarded.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer token-0");
    assertThat(forwarded.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(forwarded.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(forwarded)).isEmpty();
}
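/**
 * Follows the redirect announced by a {@code Location} response header and keeps doing so
 * until a response without that header arrives.
 *
 * <p>The {@code Location} value is resolved against the URL of the request that produced the
 * response, so relative references keep the original port and path-relative values resolve
 * correctly. Request headers and cookies are replayed only while the redirect stays on the
 * same scheme, host and port; once a redirect leaves that origin, {@code Authorization},
 * {@code Proxy-Authorization}, {@code Cookie} and the cookie map are dropped so credentials
 * issued for one origin are not handed to another. They stay dropped for later hops.
 *
 * <p>NOTE(review): any response with a {@code Location} header is followed (the status code is
 * not inspected) and the number of hops is not limited; both are unchanged from the original.
 * Request attributes are still copied because they are not sent on the wire; confirm that no
 * later filter derives credentials from them for a cross-origin target.
 *
 * @param request the request that produced {@code response}
 * @param next the exchange function used to send the follow-up request
 * @param response the response to inspect for a {@code Location} header
 * @return the first response that has no {@code Location} header
 */
private Mono<ClientResponse> redirectIfNecessary(ClientRequest request, ExchangeFunction next, ClientResponse response) {
    URI location = response.headers().asHttpHeaders().getLocation();
    if (location == null) {
        return Mono.just(response);
    }

    // URI.resolve returns an absolute Location as is and completes a relative one with the
    // scheme, host and port of the request URL.
    URI target = URI.create(request.url().resolve(location).toASCIIString());
    boolean sameOrigin = isSameOrigin(request.url(), target);

    ClientRequest redirect = ClientRequest.method(HttpMethod.GET, target)
            .headers(headers -> {
                headers.addAll(request.headers());
                if (!sameOrigin) {
                    // Credentials belong to the origin they were issued for.
                    headers.remove("Authorization");
                    headers.remove("Proxy-Authorization");
                    headers.remove("Cookie");
                }
            })
            .cookies(cookies -> {
                if (sameOrigin) {
                    cookies.addAll(request.cookies());
                }
            })
            .attributes(attributes -> attributes.putAll(request.attributes()))
            .build();

    // Pass the redirect itself on, so the next Location is resolved against the URL that
    // produced it and stripped credentials are not restored.
    return next.exchange(redirect).flatMap(r -> redirectIfNecessary(redirect, next, r));
}

/**
 * Tells whether two URLs share scheme, host and port. Ports are compared as written, so an
 * explicit default port counts as a different origin; that errs on the side of dropping
 * credentials.
 */
private boolean isSameOrigin(URI first, URI second) {
    String scheme = first.getScheme();
    String host = first.getHost();
    return scheme != null && scheme.equalsIgnoreCase(second.getScheme())
            && host != null && host.equalsIgnoreCase(second.getHost())
            && first.getPort() == second.getPort();
}
}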
/**
 * Checks that an authorized client built without a refresh token is used as is by the
 * servlet filter: one request is forwarded, carrying the bearer token and otherwise unchanged.
 */
@Test
public void filterWhenRefreshTokenNullThenShouldRefreshFalse() {
    this.function = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
            this.clientRegistrationRepository, this.authorizedClientRepository);

    // Three-argument constructor: no refresh token is supplied.
    OAuth2AuthorizedClient clientWithoutRefreshToken = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken);
    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(oauth2AuthorizedClient(clientWithoutRefreshToken))
            .build();

    this.function.filter(outgoing, this.exchange).block();

    List<ClientRequest> sent = this.exchange.getRequests();
    assertThat(sent).hasSize(1);
    ClientRequest forwarded = sent.get(0);
    assertThat(forwarded.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer token-0");
    assertThat(forwarded.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(forwarded.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(forwarded)).isEmpty();
}
/**
 * Checks that an authorized client that has a refresh token, but (per the test name) an
 * unexpired access token, is used without a refresh: only one request reaches the exchange
 * and it carries the current bearer token.
 */
@Test
public void filterWhenNotExpiredThenShouldRefreshFalse() {
    OAuth2RefreshToken availableRefreshToken = new OAuth2RefreshToken("refresh-token", this.accessToken.getIssuedAt());
    OAuth2AuthorizedClient currentClient = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken, availableRefreshToken);

    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(oauth2AuthorizedClient(currentClient))
            .build();

    this.function.filter(outgoing, this.exchange).block();

    // A refresh would show up as an extra request to the token endpoint.
    List<ClientRequest> sent = this.exchange.getRequests();
    assertThat(sent).hasSize(1);
    ClientRequest forwarded = sent.get(0);
    assertThat(forwarded.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer token-0");
    assertThat(forwarded.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(forwarded.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(forwarded)).isEmpty();
}
/**
 * Servlet-filter variant: checks that an authorized client that has a refresh token, but
 * (per the test name) an unexpired access token, is used without a refresh. Only one request
 * reaches the exchange and it carries the current bearer token.
 */
@Test
public void filterWhenNotExpiredThenShouldRefreshFalse() {
    this.function = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
            this.clientRegistrationRepository, this.authorizedClientRepository);

    OAuth2RefreshToken availableRefreshToken = new OAuth2RefreshToken("refresh-token", this.accessToken.getIssuedAt());
    OAuth2AuthorizedClient currentClient = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken, availableRefreshToken);

    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(oauth2AuthorizedClient(currentClient))
            .build();

    this.function.filter(outgoing, this.exchange).block();

    // A refresh would show up as an extra request to the token endpoint.
    List<ClientRequest> sent = this.exchange.getRequests();
    assertThat(sent).hasSize(1);
    ClientRequest forwarded = sent.get(0);
    assertThat(forwarded.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer token-0");
    assertThat(forwarded.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(forwarded.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(forwarded)).isEmpty();
}
/**
 * Checks that an authorized client built without a refresh token is used as is: one request
 * is forwarded, carrying the bearer token and otherwise unchanged.
 */
@Test
public void filterWhenRefreshTokenNullThenShouldRefreshFalse() {
    // Three-argument constructor: no refresh token is supplied.
    OAuth2AuthorizedClient clientWithoutRefreshToken = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken);
    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(oauth2AuthorizedClient(clientWithoutRefreshToken))
            .build();

    this.function.filter(outgoing, this.exchange).block();

    List<ClientRequest> sent = this.exchange.getRequests();
    assertThat(sent).hasSize(1);
    ClientRequest forwarded = sent.get(0);
    assertThat(forwarded.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer token-0");
    assertThat(forwarded.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(forwarded.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(forwarded)).isEmpty();
}
/**
 * Checks that the access token of the authorized client attached to the request ends up in
 * the forwarded request's {@code Authorization} header, prefixed with {@code "Bearer "}.
 */
@Test
public void filterWhenAuthorizedClientThenAuthorizationHeader() {
    OAuth2AuthorizedClient attachedClient = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken);
    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(oauth2AuthorizedClient(attachedClient))
            .build();

    this.function.filter(outgoing, this.exchange).block();

    String sentAuthorization = this.exchange.getRequest().headers().getFirst(HttpHeaders.AUTHORIZATION);
    String expectedAuthorization = "Bearer " + this.accessToken.getTokenValue();
    assertThat(sentAuthorization).isEqualTo(expectedAuthorization);
}
/**
 * Checks that an {@code Authorization} header already present on the request is replaced,
 * not supplemented: after filtering, the header holds only the bearer token value, so the
 * receiving server never sees two competing credentials.
 */
@Test
public void filterWhenExistingAuthorizationThenSingleAuthorizationHeader() {
    OAuth2AuthorizedClient attachedClient = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken);
    // "Existing" stands in for a caller-supplied credential that must not survive.
    ClientRequest outgoing = ClientRequest.create(GET, URI.create("https://example.com"))
            .header(HttpHeaders.AUTHORIZATION, "Existing")
            .attributes(oauth2AuthorizedClient(attachedClient))
            .build();

    this.function.filter(outgoing, this.exchange).block();

    HttpHeaders sentHeaders = this.exchange.getRequest().headers();
    assertThat(sentHeaders.get(HttpHeaders.AUTHORIZATION))
            .containsOnly("Bearer " + this.accessToken.getTokenValue());
}
/**
 * Checks that a pre-set {@code Authorization} header does not survive filtering next to the
 * bearer token: the forwarded request must contain the bearer value and nothing else under
 * that header name.
 */
@Test
public void filterWhenExistingAuthorizationThenSingleAuthorizationHeader() {
    OAuth2AuthorizedClient clientOnRequest = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken);
    // The placeholder value "Existing" must be gone once the filter has run.
    ClientRequest original = ClientRequest.create(GET, URI.create("https://example.com"))
            .header(HttpHeaders.AUTHORIZATION, "Existing")
            .attributes(oauth2AuthorizedClient(clientOnRequest))
            .build();

    this.function.filter(original, this.exchange).block();

    HttpHeaders forwardedHeaders = this.exchange.getRequest().headers();
    assertThat(forwardedHeaders.get(HttpHeaders.AUTHORIZATION))
            .containsOnly("Bearer " + this.accessToken.getTokenValue());
}
/**
 * Checks that filtering a request that carries an authorized client adds an
 * {@code Authorization} header made of {@code "Bearer "} plus that client's access token value.
 */
@Test
public void filterWhenAuthorizedClientThenAuthorizationHeader() {
    OAuth2AuthorizedClient clientOnRequest = new OAuth2AuthorizedClient(
            this.registration, "principalName", this.accessToken);
    ClientRequest original = ClientRequest.create(GET, URI.create("https://example.com"))
            .attributes(oauth2AuthorizedClient(clientOnRequest))
            .build();

    this.function.filter(original, this.exchange).block();

    String forwardedAuthorization = this.exchange.getRequest().headers().getFirst(HttpHeaders.AUTHORIZATION);
    String bearerValue = "Bearer " + this.accessToken.getTokenValue();
    assertThat(forwardedAuthorization).isEqualTo(bearerValue);
}
/**
 * Checks that the attribute-driven {@code basicAuthentication()} filter turns credentials
 * stored as request attributes into an {@code Authorization} header on the forwarded request
 * while leaving the original request without one.
 *
 * <p>Only the {@code "Basic "} prefix of the header is asserted; the encoded credential value
 * itself is not compared.
 */
@Test
@SuppressWarnings("deprecation")
public void basicAuthenticationAttributes() {
    ClientRequest original = ClientRequest.create(HttpMethod.GET, DEFAULT_URL)
            .attributes(org.springframework.web.reactive.function.client.ExchangeFilterFunctions
                    .Credentials.basicAuthenticationCredentials("foo", "bar"))
            .build();
    // The credentials travel as attributes, so the request itself has no header yet.
    assertFalse(original.headers().containsKey(HttpHeaders.AUTHORIZATION));

    ClientResponse cannedResponse = mock(ClientResponse.class);
    ExchangeFunction downstream = forwarded -> {
        assertTrue(forwarded.headers().containsKey(HttpHeaders.AUTHORIZATION));
        assertTrue(forwarded.headers().getFirst(HttpHeaders.AUTHORIZATION).startsWith("Basic "));
        return Mono.just(cannedResponse);
    };

    ExchangeFilterFunction basicAuthFilter = ExchangeFilterFunctions.basicAuthentication();
    ClientResponse actual = basicAuthFilter.filter(original, downstream).block();

    assertEquals(cannedResponse, actual);
}