Expand Up @@ -131,8 +131,11 @@ public void introspectWhenActiveTokenThenOk() throws Exception {
try (MockWebServer server = new MockWebServer()) {
server.setDispatcher(requiresAuth(CLIENT_ID, CLIENT_SECRET, ACTIVE_RESPONSE));
String introspectUri = server.url("/introspect").toString();
OpaqueTokenIntrospector introspectionClient = new SpringOpaqueTokenIntrospector(introspectUri, CLIENT_ID,
CLIENT_SECRET);
OpaqueTokenIntrospector introspectionClient = SpringOpaqueTokenIntrospector
.withIntrospectionUri(introspectUri)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.build();
OAuth2AuthenticatedPrincipal authority = introspectionClient.introspect("token");
// @formatter:off
assertThat(authority.getAttributes())
Expand All @@ -156,8 +159,11 @@ public void introspectWhenBadClientCredentialsThenError() throws IOException {
try (MockWebServer server = new MockWebServer()) {
server.setDispatcher(requiresAuth(CLIENT_ID, CLIENT_SECRET, ACTIVE_RESPONSE));
String introspectUri = server.url("/introspect").toString();
OpaqueTokenIntrospector introspectionClient = new SpringOpaqueTokenIntrospector(introspectUri, CLIENT_ID,
"wrong");
OpaqueTokenIntrospector introspectionClient = SpringOpaqueTokenIntrospector
.withIntrospectionUri(introspectUri)
.clientId(CLIENT_ID)
.clientSecret("wrong")
.build();
assertThatExceptionOfType(OAuth2IntrospectionException.class)
.isThrownBy(() -> introspectionClient.introspect("token"));
}
Expand Down Expand Up @@ -263,20 +269,29 @@ public void introspectWhenActiveThenMapsAuthorities() {

@Test
public void constructorWhenIntrospectionUriIsNullThenIllegalArgumentException() {
assertThatIllegalArgumentException()
.isThrownBy(() -> new SpringOpaqueTokenIntrospector(null, CLIENT_ID, CLIENT_SECRET));
assertThatIllegalArgumentException().isThrownBy(() -> SpringOpaqueTokenIntrospector.withIntrospectionUri(null)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.build());

}

@Test
public void constructorWhenClientIdIsNullThenIllegalArgumentException() {
assertThatIllegalArgumentException()
.isThrownBy(() -> new SpringOpaqueTokenIntrospector(INTROSPECTION_URL, null, CLIENT_SECRET));
.isThrownBy(() -> SpringOpaqueTokenIntrospector.withIntrospectionUri(INTROSPECTION_URL)
.clientId(null)
.clientSecret(CLIENT_SECRET)
.build());
}

@Test
public void constructorWhenClientSecretIsNullThenIllegalArgumentException() {
assertThatIllegalArgumentException()
.isThrownBy(() -> new SpringOpaqueTokenIntrospector(INTROSPECTION_URL, CLIENT_ID, null));
.isThrownBy(() -> SpringOpaqueTokenIntrospector.withIntrospectionUri(INTROSPECTION_URL)
.clientId(CLIENT_ID)
.clientSecret(null)
.build());
}

@Test
Expand Down Expand Up @@ -339,24 +354,6 @@ public void setAuthenticationConverterWhenNonNullConverterGivenThenConverterUsed
verify(authenticationConverter).convert(any());
}

@Test
public void introspectWithoutEncodeClientCredentialsThenExceptionIsThrown() throws Exception {
try (MockWebServer server = new MockWebServer()) {
String response = """
{
"active": true,
"username": "client%&1"
}
""";
server.setDispatcher(requiresAuth("client%25%261", "secret%40%242", response));
String introspectUri = server.url("/introspect").toString();
OpaqueTokenIntrospector introspectionClient = new SpringOpaqueTokenIntrospector(introspectUri, "client%&1",
"secret@$2");
assertThatExceptionOfType(OAuth2IntrospectionException.class)
.isThrownBy(() -> introspectionClient.introspect("token"));
}
}

@Test
public void introspectWithEncodeClientCredentialsThenOk() throws Exception {
try (MockWebServer server = new MockWebServer()) {
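Review bot: The three-argument constructor loses all coverage in the visible hunks of this file: the `constructorWhen…IsNull…` tests now go through `withIntrospectionUri(...)…build()`, and `introspectWithoutEncodeClientCredentialsThenExceptionIsThrown` is deleted outright. If that constructor stays public (not visible here), callers can still reach its null checks and its unencoded Basic credentials, so one test per path is worth keeping. The migrated tests would also read more accurately under names such as `builderWhenClientIdIsNullThenIllegalArgumentException`, since no constructor is called any more. The blank line left before the closing brace of the first migrated test can be dropped.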
Expand Up @@ -111,8 +111,11 @@ public void authenticateWhenActiveTokenThenOk() throws Exception {
try (MockWebServer server = new MockWebServer()) {
server.setDispatcher(requiresAuth(CLIENT_ID, CLIENT_SECRET, ACTIVE_RESPONSE));
String introspectUri = server.url("/introspect").toString();
SpringReactiveOpaqueTokenIntrospector introspectionClient = new SpringReactiveOpaqueTokenIntrospector(
introspectUri, CLIENT_ID, CLIENT_SECRET);
SpringReactiveOpaqueTokenIntrospector introspectionClient = SpringReactiveOpaqueTokenIntrospector
.withIntrospectionUri(introspectUri)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.build();
OAuth2AuthenticatedPrincipal authority = introspectionClient.introspect("token").block();
assertThat(authority).isNotNull();
// @formatter:off
Expand All @@ -137,8 +140,11 @@ public void authenticateWhenBadClientCredentialsThenAuthenticationException() th
try (MockWebServer server = new MockWebServer()) {
server.setDispatcher(requiresAuth(CLIENT_ID, CLIENT_SECRET, ACTIVE_RESPONSE));
String introspectUri = server.url("/introspect").toString();
SpringReactiveOpaqueTokenIntrospector introspectionClient = new SpringReactiveOpaqueTokenIntrospector(
introspectUri, CLIENT_ID, "wrong");
SpringReactiveOpaqueTokenIntrospector introspectionClient = SpringReactiveOpaqueTokenIntrospector
.withIntrospectionUri(introspectUri)
.clientId(CLIENT_ID)
.clientSecret("wrong")
.build();
assertThatExceptionOfType(OAuth2IntrospectionException.class)
.isThrownBy(() -> introspectionClient.introspect("token").block());

Expand Down Expand Up @@ -241,19 +247,29 @@ public void setAuthenticationConverterWhenNonNullConverterGivenThenConverterUsed
@Test
public void constructorWhenIntrospectionUriIsEmptyThenIllegalArgumentException() {
assertThatIllegalArgumentException()
.isThrownBy(() -> new SpringReactiveOpaqueTokenIntrospector("", CLIENT_ID, CLIENT_SECRET));
.isThrownBy(() -> SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri("")
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.build());
}

@Test
public void constructorWhenClientIdIsEmptyThenIllegalArgumentException() {
public void constructorWhenClientIdIsNullThenIllegalArgumentException() {
assertThatIllegalArgumentException()
.isThrownBy(() -> new SpringReactiveOpaqueTokenIntrospector(INTROSPECTION_URL, "", CLIENT_SECRET));
.isThrownBy(() -> SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri(INTROSPECTION_URL)
.clientId(null)
.clientSecret(CLIENT_SECRET)
.build());

}

@Test
public void constructorWhenClientSecretIsNullThenIllegalArgumentException() {
assertThatIllegalArgumentException()
.isThrownBy(() -> new SpringReactiveOpaqueTokenIntrospector(INTROSPECTION_URL, CLIENT_ID, null));
.isThrownBy(() -> SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri(INTROSPECTION_URL)
.clientId(CLIENT_ID)
.clientSecret(null)
.build());
}

@Test
Expand All @@ -263,7 +279,7 @@ public void constructorWhenRestOperationsIsNullThenIllegalArgumentException() {
}

@Test
public void introspectWithoutEncodeClientCredentialsThenExceptionIsThrown() throws Exception {
public void introspectWithoutEncodeClientCredentialsThenOk() throws Exception {
try (MockWebServer server = new MockWebServer()) {
String response = """
{
Expand All @@ -273,12 +289,17 @@ public void introspectWithoutEncodeClientCredentialsThenExceptionIsThrown() thro
""";
server.setDispatcher(requiresAuth("client%25%261", "secret%40%242", response));
String introspectUri = server.url("/introspect").toString();
ReactiveOpaqueTokenIntrospector introspectionClient = new SpringReactiveOpaqueTokenIntrospector(
introspectUri, "client%&1", "secret@$2");
// @formatter:off
assertThatExceptionOfType(OAuth2IntrospectionException.class)
.isThrownBy(() -> introspectionClient.introspect("token").block());
// @formatter:on

ReactiveOpaqueTokenIntrospector introspectionClient = SpringReactiveOpaqueTokenIntrospector
.withIntrospectionUri(introspectUri)
.clientId("client%&1")
.clientSecret("secret@$2")
.build();
OAuth2AuthenticatedPrincipal authority = introspectionClient.introspect("token").block();
assertThat(authority).isNotNull();
assertThat(authority.getAttributes()).isNotNull()
.containsEntry(OAuth2TokenIntrospectionClaimNames.ACTIVE, true)
.containsEntry(OAuth2TokenIntrospectionClaimNames.USERNAME, "client%&1");
}
}
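Review bot: `introspectWithoutEncodeClientCredentialsThenOk` is named for the opposite of what it exercises: the dispatcher still requires `client%25%261` / `secret%40%242` while the test supplies `client%&1` / `secret@$2`, so it can only pass if the builder encodes the credentials. A name such as `introspectWhenBuilderThenClientCredentialsAreEncoded` would say that. If this class already has an `introspectWithEncodeClientCredentialsThenOk`, as the servlet test class does (not visible in this section), the two may now overlap. In the same section, renaming `constructorWhenClientIdIsEmptyThenIllegalArgumentException` to the `IsNull` variant drops the empty-string case; a second assertion using `.clientId("")` would keep it, assuming the builder is meant to reject empty values as the old constructor did.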
