Simplify opaqueToken support

Remove scopes convenience method to alleviate potential confusion with
the "scope" attribute.

Issue gh-7827
Issue gh-7712
This commit is contained in:
Josh Cummings 2020-03-02 18:24:08 -07:00
parent 689fc9df0c
commit 3bc1b7a933
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
5 changed files with 3 additions and 48 deletions

View File

@ -51,7 +51,7 @@ public class OAuth2ResourceServerControllerTests {
@Test
public void messageCanBeReadWithScopeMessageReadAuthority() throws Exception {
this.mvc.perform(get("/message").with(opaqueToken().scopes("message:read")))
this.mvc.perform(get("/message").with(opaqueToken().attributes(a -> a.put("scope", "message:read"))))
.andExpect(content().string(is("secret message")));
this.mvc.perform(get("/message")
@ -77,7 +77,7 @@ public class OAuth2ResourceServerControllerTests {
public void messageCanNotBeCreatedWithScopeMessageReadAuthority() throws Exception {
this.mvc.perform(post("/message")
.content("Hello message")
.with(opaqueToken().scopes("message:read")))
.with(opaqueToken().authorities(new SimpleGrantedAuthority("SCOPE_message:read"))))
.andExpect(status().isForbidden());
}
@ -85,7 +85,7 @@ public class OAuth2ResourceServerControllerTests {
public void messageCanBeCreatedWithScopeMessageWriteAuthority() throws Exception {
this.mvc.perform(post("/message")
.content("Hello message")
.with(opaqueToken().scopes("message:write")))
.with(opaqueToken().authorities(new SimpleGrantedAuthority("SCOPE_message:write"))))
.andExpect(status().isOk())
.andExpect(content().string(is("Message was created. Content: Hello message")));
}

View File

@ -590,18 +590,6 @@ public class SecurityMockServerConfigurers {
return this;
}
/**
* Use the provided scopes as the authorities in the resulting principal
* @param scopes the scopes to use
* @return the {@link OpaqueTokenMutator} for further configuration
*/
public OpaqueTokenMutator scopes(String... scopes) {
Assert.notNull(scopes, "scopes cannot be null");
this.authorities = () -> getAuthorities(Arrays.asList(scopes));
this.principal = this::defaultPrincipal;
return this;
}
/**
* Use the provided principal
* @param principal the principal to use

View File

@ -1228,18 +1228,6 @@ public final class SecurityMockMvcRequestPostProcessors {
return this;
}
/**
* Use the provided scopes as the authorities in the resulting principal
* @param scopes the scopes to use
* @return the {@link OpaqueTokenRequestPostProcessor} for further configuration
*/
public OpaqueTokenRequestPostProcessor scopes(String... scopes) {
Assert.notNull(scopes, "scopes cannot be null");
this.authorities = () -> getAuthorities(Arrays.asList(scopes));
this.principal = this::defaultPrincipal;
return this;
}
/**
* Use the provided principal
* @param principal the principal to use

View File

@ -90,20 +90,6 @@ public class SecurityMockServerConfigurerOpaqueTokenTests extends AbstractMockSe
.containsOnly(this.authority1, this.authority2);
}
@Test
public void mockOpaqueTokenWhenScopesThenBearerTokenAuthentication() {
this.client
.mutateWith(mockOpaqueToken().scopes("scoped", "authorities"))
.get()
.exchange()
.expectStatus().isOk();
SecurityContext context = securityContextController.removeSecurityContext();
assertThat((List<GrantedAuthority>) context.getAuthentication().getAuthorities())
.containsOnly(new SimpleGrantedAuthority("SCOPE_scoped"),
new SimpleGrantedAuthority("SCOPE_authorities"));
}
@Test
public void mockOpaqueTokenWhenAttributesThenBearerTokenAuthentication() {
String sub = new String("my-subject");

View File

@ -89,13 +89,6 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests {
.andExpect(status().isForbidden());
}
@Test
public void opaqueTokenWhenAuthoritiesSpecifiedThenGrantsAccess() throws Exception {
this.mvc.perform(get("/admin/scopes")
.with(opaqueToken().scopes("admin", "read")))
.andExpect(content().string("[\"SCOPE_admin\",\"SCOPE_read\"]"));
}
@Test
public void opaqueTokenWhenAttributeSpecifiedThenUserHasAttribute() throws Exception {
this.mvc.perform(get("/opaque-token/iss")