@Bean public ResourceServerTokenServices tokenServices() { return new CustomUserInfoTokenServices(sso.getUserInfoUri(), sso.getClientId()); } }
@Override public void customize(OAuth2RestTemplate template) { final TracingClientHttpRequestInterceptor interceptor = this.beanFactory .getBean(TracingClientHttpRequestInterceptor.class); new RestTemplateInterceptorInjector(interceptor).inject(template); if (this.delegate != null) { ((UserInfoRestTemplateCustomizer) this.delegate).customize(template); } }
private OAuth2Authentication extractAuthentication(Map<String, Object> map) { Object principal = getPrincipal(map); OAuth2Request request = getRequest(map); List<GrantedAuthority> authorities = this.authoritiesExtractor .extractAuthorities(map); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( principal, "N/A", authorities); token.setDetails(map); return new OAuth2Authentication(request, token); }
@Test public void validateWhenKeysUriOrValuePresentAndUserInfoAbsentShouldNotFail() throws Exception { this.properties = new ResourceServerProperties("client", ""); this.properties.getJwk().setKeySetUri("http://my-auth-server/token_keys"); setListableBeanFactory(); this.properties.validate(); verifyZeroInteractions(this.errors); }
@Test public void validateWhenBothJwtKeyValueAndJwkKeyUriPresentShouldFail() throws Exception { this.properties.getJwk().setKeySetUri("http://my-auth-server/token_keys"); this.properties.getJwt().setKeyValue("my-key"); setListableBeanFactory(); this.thrown.expect(IllegalStateException.class); this.thrown.expect(getMatcher("Only one of jwt.keyUri (or jwt.keyValue) " + "and jwk.keySetUri should be configured.", null)); this.properties.validate(); }
@Test public void validateWhenBothJwtAndJwkKeyUrisPresentShouldFail() throws Exception { this.properties.getJwk().setKeySetUri("http://my-auth-server/token_keys"); this.properties.getJwt().setKeyUri("http://my-auth-server/token_key"); setListableBeanFactory(); this.thrown.expect(IllegalStateException.class); this.thrown.expect(getMatcher("Only one of jwt.keyUri (or jwt.keyValue) " + "and jwk.keySetUri should be configured.", null)); this.properties.validate(); }
@Test public void validateWhenTokenUriAbsentAndClientSecretAbsentShouldNotFail() throws Exception { this.properties = new ResourceServerProperties("client", ""); this.properties.setUserInfoUri("http://my-auth-server/userinfo"); setListableBeanFactory(); this.properties.validate(); verifyZeroInteractions(this.errors); }
@Test public void validateWhenKeyValuePresentShouldSucceed() throws Exception { this.properties.getJwt().setKeyValue("my-key"); setListableBeanFactory(); this.properties.validate(); verifyZeroInteractions(this.errors); }
/** * Return the principal that should be used for the token. The default implementation * delegates to the {@link PrincipalExtractor}. * @param map the source map * @return the principal or {@literal "unknown"} */ protected Object getPrincipal(Map<String, Object> map) { Object principal = this.principalExtractor.extractPrincipal(map); return (principal == null ? "unknown" : principal); }
@Test public void validateWhenUserInfoUriConfiguredShouldNotFail() throws Exception { this.properties.setUserInfoUri("http://my-auth-server/userinfo"); setListableBeanFactory(); this.properties.validate(); verifyZeroInteractions(this.errors); }
@Test public void validateWhenTokenUriConfiguredShouldNotFail() throws Exception { this.properties.setTokenInfoUri("http://my-auth-server/userinfo"); setListableBeanFactory(); this.properties.validate(); verifyZeroInteractions(this.errors); }
@Test public void validateWhenKeyConfigAbsentAndInfoUrisNotConfiguredShouldFail() throws Exception { setListableBeanFactory(); this.thrown.expect(IllegalStateException.class); this.thrown.expect(getMatcher("Missing tokenInfoUri and userInfoUri and there" + " is no JWT verifier key", "tokenInfoUri")); this.properties.validate(); }
public void afterPropertiesSet() { validate(); }
private void setListableBeanFactory() { ListableBeanFactory beanFactory = new StaticWebApplicationContext() { @Override public String[] getBeanNamesForType(Class<?> type, boolean includeNonSingletons, boolean allowEagerInit) { if (type.isAssignableFrom( ResourceServerTokenServicesConfiguration.class)) { return new String[] { "ResourceServerTokenServicesConfiguration" }; } return new String[0]; } }; this.properties.setBeanFactory(beanFactory); }
@Bean public ResourceServerTokenServices tokenServices() { return new CustomUserInfoTokenServices(sso.getUserInfoUri(), sso.getClientId()); }
@Test public void validateWhenJwkKeySetUriProvidedShouldSucceed() throws Exception { this.properties.getJwk().setKeySetUri("http://my-auth-server/token_keys"); setListableBeanFactory(); this.properties.validate(); verifyZeroInteractions(this.errors); }
private OAuth2Authentication extractAuthentication(Map<String, Object> map) { Object principal = getPrincipal(map); OAuth2Request request = getRequest(map); List<GrantedAuthority> authorities = this.authoritiesExtractor .extractAuthorities(map); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( principal, "N/A", authorities); token.setDetails(map); return new OAuth2Authentication(request, token); }
/** * Return the principal that should be used for the token. The default implementation * delegates to the {@link PrincipalExtractor}. * @param map the source map * @return the principal or {@literal "unknown"} */ protected Object getPrincipal(Map<String, Object> map) { Object principal = this.principalExtractor.extractPrincipal(map); return (principal == null ? "unknown" : principal); }
public void afterPropertiesSet() { validate(); }
protected Object getPrincipal(Map<String, Object> map) { Object principal = this.principalExtractor.extractPrincipal(map); return principal == null?"unknown":principal; }