Remove deprecated UnAuthenticatedServerOAuth2AuthorizedClientRepository

Closes gh-11508
This commit is contained in:
Joe Grandja 2022-07-14 10:59:24 -04:00
parent f5a436df80
commit 67b27a41c3
4 changed files with 36 additions and 396 deletions

View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -36,11 +36,9 @@ import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.oauth2.client.ClientAuthorizationException;
import org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.OAuth2AuthorizationContext;
import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationSuccessHandler;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
@ -53,7 +51,6 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
@ -227,16 +224,6 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
ServerOAuth2AuthorizedClientRepository authorizedClientRepository,
ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) {
// gh-7544
if (authorizedClientRepository instanceof UnAuthenticatedServerOAuth2AuthorizedClientRepository) {
UnAuthenticatedReactiveOAuth2AuthorizedClientManager unauthenticatedAuthorizedClientManager = new UnAuthenticatedReactiveOAuth2AuthorizedClientManager(
clientRegistrationRepository,
(UnAuthenticatedServerOAuth2AuthorizedClientRepository) authorizedClientRepository,
authorizationFailureHandler);
unauthenticatedAuthorizedClientManager
.setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
.authorizationCode().refreshToken().clientCredentials().password().build());
return unauthenticatedAuthorizedClientManager;
}
DefaultReactiveOAuth2AuthorizedClientManager authorizedClientManager = new DefaultReactiveOAuth2AuthorizedClientManager(
clientRegistrationRepository, authorizedClientRepository);
authorizedClientManager.setAuthorizationFailureHandler(authorizationFailureHandler);
@ -386,14 +373,8 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
.password((configurer) -> configurer.clockSkew(this.accessTokenExpiresSkew))
.build();
// @formatter:on
if (this.authorizedClientManager instanceof UnAuthenticatedReactiveOAuth2AuthorizedClientManager) {
((UnAuthenticatedReactiveOAuth2AuthorizedClientManager) this.authorizedClientManager)
.setAuthorizedClientProvider(authorizedClientProvider);
}
else {
((DefaultReactiveOAuth2AuthorizedClientManager) this.authorizedClientManager)
.setAuthorizedClientProvider(authorizedClientProvider);
}
((DefaultReactiveOAuth2AuthorizedClientManager) this.authorizedClientManager)
.setAuthorizedClientProvider(authorizedClientProvider);
}
private void updateClientCredentialsProvider(
@ -558,114 +539,6 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
}
private static final class UnAuthenticatedReactiveOAuth2AuthorizedClientManager
implements ReactiveOAuth2AuthorizedClientManager {
private final ReactiveClientRegistrationRepository clientRegistrationRepository;
private final UnAuthenticatedServerOAuth2AuthorizedClientRepository authorizedClientRepository;
private final ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler;
private final ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler;
private ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider;
private UnAuthenticatedReactiveOAuth2AuthorizedClientManager(
ReactiveClientRegistrationRepository clientRegistrationRepository,
UnAuthenticatedServerOAuth2AuthorizedClientRepository authorizedClientRepository,
ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) {
this.clientRegistrationRepository = clientRegistrationRepository;
this.authorizedClientRepository = authorizedClientRepository;
this.authorizationSuccessHandler = (authorizedClient, principal, attributes) -> authorizedClientRepository
.saveAuthorizedClient(authorizedClient, principal, null);
this.authorizationFailureHandler = authorizationFailureHandler;
}
@Override
public Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizeRequest authorizeRequest) {
Assert.notNull(authorizeRequest, "authorizeRequest cannot be null");
String clientRegistrationId = authorizeRequest.getClientRegistrationId();
Authentication principal = authorizeRequest.getPrincipal();
// @formatter:off
return Mono.justOrEmpty(authorizeRequest.getAuthorizedClient())
.switchIfEmpty(loadAuthorizedClient(clientRegistrationId, principal))
.flatMap((authorizedClient) -> reauthorize(authorizedClient, authorizeRequest, principal))
.switchIfEmpty(findAndAuthorize(clientRegistrationId, principal));
// @formatter:on
}
private Mono<OAuth2AuthorizedClient> loadAuthorizedClient(String clientRegistrationId,
Authentication principal) {
return Mono.defer(
() -> this.authorizedClientRepository.loadAuthorizedClient(clientRegistrationId, principal, null));
}
private Mono<OAuth2AuthorizedClient> reauthorize(OAuth2AuthorizedClient authorizedClient,
OAuth2AuthorizeRequest authorizeRequest, Authentication principal) {
return Mono
.just(OAuth2AuthorizationContext.withAuthorizedClient(authorizedClient).principal(principal)
.build())
.flatMap((authorizationContext) -> authorize(authorizationContext, principal))
// Default to the existing authorizedClient if the client was not
// re-authorized
.defaultIfEmpty((authorizeRequest.getAuthorizedClient() != null)
? authorizeRequest.getAuthorizedClient() : authorizedClient);
}
private Mono<OAuth2AuthorizedClient> findAndAuthorize(String clientRegistrationId, Authentication principal) {
// @formatter:off
return Mono.defer(() ->
this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId)
.switchIfEmpty(Mono.error(() ->
new IllegalArgumentException("Could not find ClientRegistration with id '" + clientRegistrationId + "'"))
)
.flatMap((clientRegistration) -> Mono.just(OAuth2AuthorizationContext
.withClientRegistration(clientRegistration).principal(principal).build())
)
.flatMap((authorizationContext) -> authorize(authorizationContext, principal))
);
// @formatter:on
}
/**
* Performs authorization and then delegates to either the
* {@link #authorizationSuccessHandler} or {@link #authorizationFailureHandler},
* depending on the authorization result.
* @param authorizationContext the context to authorize
* @param principal the principle to authorize
* @return a {@link Mono} that emits the authorized client after the authorization
* attempt succeeds and the {@link #authorizationSuccessHandler} has completed, or
* completes with an exception after the authorization attempt fails and the
* {@link #authorizationFailureHandler} has completed
*/
private Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizationContext authorizationContext,
Authentication principal) {
// @formatter:off
return this.authorizedClientProvider.authorize(authorizationContext)
// Delegates to the authorizationSuccessHandler of the successful
// authorization
.flatMap((authorizedClient) -> this.authorizationSuccessHandler
.onAuthorizationSuccess(authorizedClient, principal, Collections.emptyMap())
.thenReturn(authorizedClient)
)
// Delegates to the authorizationFailureHandler of the failed
// authorization
.onErrorResume(OAuth2AuthorizationException.class, (authorizationException) ->
this.authorizationFailureHandler
.onAuthorizationFailure(authorizationException, principal, Collections.emptyMap())
.then(Mono.error(authorizationException))
);
// @formatter:on
}
private void setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider) {
Assert.notNull(authorizedClientProvider, "authorizedClientProvider cannot be null");
this.authorizedClientProvider = authorizedClientProvider;
}
}
/**
* Forwards authentication and authorization failures to a
* {@link ReactiveOAuth2AuthorizationFailureHandler}.

View File

@ -1,84 +0,0 @@
/*
* Copyright 2002-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.client.web.server;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import reactor.core.publisher.Mono;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.util.Assert;
import org.springframework.web.server.ServerWebExchange;
/**
* Provides support for an unauthenticated user. This is useful when running as a process
* with no user associated to it. The implementation ensures that
* {@link ServerWebExchange} is null and that the {@link Authentication} is either null or
* anonymous to prevent using it incorrectly.
*
* @author Rob Winch
* @since 5.1
* @deprecated Use {@link AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager}
* instead
*/
@Deprecated
public class UnAuthenticatedServerOAuth2AuthorizedClientRepository implements ServerOAuth2AuthorizedClientRepository {
private final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
private final Map<String, OAuth2AuthorizedClient> clientRegistrationIdToAuthorizedClient = new ConcurrentHashMap<>();
@Override
public <T extends OAuth2AuthorizedClient> Mono<T> loadAuthorizedClient(String clientRegistrationId,
Authentication authentication, ServerWebExchange serverWebExchange) {
Assert.notNull(clientRegistrationId, "clientRegistrationId cannot be null");
Assert.isNull(serverWebExchange, "serverWebExchange must be null");
Assert.isTrue(isUnauthenticated(authentication), "The user " + authentication + " should not be authenticated");
return Mono.fromSupplier(() -> (T) this.clientRegistrationIdToAuthorizedClient.get(clientRegistrationId));
}
@Override
public Mono<Void> saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication authentication,
ServerWebExchange serverWebExchange) {
Assert.notNull(authorizedClient, "authorizedClient cannot be null");
Assert.isNull(serverWebExchange, "serverWebExchange must be null");
Assert.isTrue(isUnauthenticated(authentication), "The user " + authentication + " should not be authenticated");
return Mono.fromRunnable(() -> {
String clientRegistrationId = authorizedClient.getClientRegistration().getRegistrationId();
this.clientRegistrationIdToAuthorizedClient.put(clientRegistrationId, authorizedClient);
});
}
@Override
public Mono<Void> removeAuthorizedClient(String clientRegistrationId, Authentication authentication,
ServerWebExchange serverWebExchange) {
Assert.notNull(clientRegistrationId, "clientRegistrationId cannot be null");
Assert.isNull(serverWebExchange, "serverWebExchange " + serverWebExchange + "must be null");
Assert.isTrue(isUnauthenticated(authentication), "The user " + authentication + " should not be authenticated");
return Mono.fromRunnable(() -> this.clientRegistrationIdToAuthorizedClient.remove(clientRegistrationId));
}
private boolean isUnauthenticated(Authentication authentication) {
return authentication == null || this.trustResolver.isAnonymous(authentication);
}
}

View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -60,13 +60,17 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.ClientAuthorizationException;
import org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.JwtBearerReactiveOAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.OAuth2AuthorizationContext;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest;
import org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest;
@ -79,7 +83,6 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg
import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
import org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
@ -872,13 +875,32 @@ public class ServerOAuth2AuthorizedClientExchangeFilterFunctionTests {
@Test
public void filterWhenClientCredentialsClientNotAuthorizedAndOutsideRequestContextThenGetNewToken() {
setupMockHeaders();
// Use UnAuthenticatedServerOAuth2AuthorizedClientRepository when operating
// outside of a request context
ServerOAuth2AuthorizedClientRepository unauthenticatedAuthorizedClientRepository = spy(
new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
this.function = new ServerOAuth2AuthorizedClientExchangeFilterFunction(this.clientRegistrationRepository,
unauthenticatedAuthorizedClientRepository);
this.function.setClientCredentialsTokenResponseClient(this.clientCredentialsTokenResponseClient);
ReactiveOAuth2AuthorizedClientService authorizedClientServiceDelegate = new InMemoryReactiveOAuth2AuthorizedClientService(
this.clientRegistrationRepository);
ReactiveOAuth2AuthorizedClientService authorizedClientService = new ReactiveOAuth2AuthorizedClientService() {
@Override
public <T extends OAuth2AuthorizedClient> Mono<T> loadAuthorizedClient(String clientRegistrationId,
String principalName) {
return authorizedClientServiceDelegate.loadAuthorizedClient(clientRegistrationId, principalName);
}
@Override
public Mono<Void> saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal) {
return authorizedClientServiceDelegate.saveAuthorizedClient(authorizedClient, principal);
}
@Override
public Mono<Void> removeAuthorizedClient(String clientRegistrationId, String principalName) {
return authorizedClientServiceDelegate.removeAuthorizedClient(clientRegistrationId, principalName);
}
};
authorizedClientService = spy(authorizedClientService);
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager = new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
this.clientRegistrationRepository, authorizedClientService);
ClientCredentialsReactiveOAuth2AuthorizedClientProvider authorizedClientProvider = new ClientCredentialsReactiveOAuth2AuthorizedClientProvider();
authorizedClientProvider.setAccessTokenResponseClient(this.clientCredentialsTokenResponseClient);
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
this.function = new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("new-token")
.tokenType(OAuth2AccessToken.TokenType.BEARER).expiresIn(360).build();
given(this.clientCredentialsTokenResponseClient.getTokenResponse(any()))
@ -892,9 +914,9 @@ public class ServerOAuth2AuthorizedClientExchangeFilterFunctionTests {
.build();
// @formatter:on
this.function.filter(request, this.exchange).block();
verify(unauthenticatedAuthorizedClientRepository).loadAuthorizedClient(any(), any(), any());
verify(authorizedClientService).loadAuthorizedClient(any(), any());
verify(this.clientCredentialsTokenResponseClient).getTokenResponse(any());
verify(unauthenticatedAuthorizedClientRepository).saveAuthorizedClient(any(), any(), any());
verify(authorizedClientService).saveAuthorizedClient(any(), any());
List<ClientRequest> requests = this.exchange.getRequests();
assertThat(requests).hasSize(1);
ClientRequest request1 = requests.get(0);

View File

@ -1,171 +0,0 @@
/*
* Copyright 2002-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.client.web.server;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
import org.springframework.mock.web.server.MockServerWebExchange;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.TestOAuth2AccessTokens;
import org.springframework.web.server.ServerWebExchange;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
/**
* @author Rob Winch
*/
public class UnAuthenticatedServerOAuth2AuthorizedClientRepositoryTests {
private UnAuthenticatedServerOAuth2AuthorizedClientRepository repository = new UnAuthenticatedServerOAuth2AuthorizedClientRepository();
private ClientRegistration clientRegistration = TestClientRegistrations.clientCredentials().build();
private String clientRegistrationId = this.clientRegistration.getRegistrationId();
private ServerWebExchange exchange;
private Authentication anonymous = new AnonymousAuthenticationToken("key", "anonymous",
AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
private Authentication authentication;
private OAuth2AuthorizedClient authorizedClient;
@BeforeEach
public void setup() {
OAuth2AccessToken token = TestOAuth2AccessTokens.noScopes();
this.authorizedClient = new OAuth2AuthorizedClient(this.clientRegistration, "anonymousUser", token);
}
// loadAuthorizedClient
@Test
public void loadAuthorizedClientWhenClientRegistrationIdNullThenIllegalArgumentException() {
this.clientRegistrationId = null;
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
}
@Test
public void loadAuthorizedClientWhenAuthenticationNotNullThenIllegalArgumentException() {
this.authentication = new TestingAuthenticationToken("a", "b", "ROLE_USER");
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
}
@Test
public void loadAuthorizedClientWhenServerWebExchangeNotNullThenIllegalArgumentException() {
this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
}
@Test
public void loadAuthorizedClientWhenNotFoundThenEmpty() {
assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
.block()).isNull();
}
@Test
public void loadAuthorizedClientWhenFoundThenFound() {
this.repository.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block();
assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
.block()).isEqualTo(this.authorizedClient);
}
@Test
public void loadAuthorizedClientWhenMultipleThenFound() {
ClientRegistration otherClientRegistration = TestClientRegistrations.clientRegistration()
.registrationId("other-client-registration").build();
OAuth2AuthorizedClient otherAuthorizedClient = new OAuth2AuthorizedClient(otherClientRegistration,
"anonymousUser", this.authorizedClient.getAccessToken());
this.repository.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block();
this.repository.saveAuthorizedClient(otherAuthorizedClient, this.authentication, this.exchange).block();
assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
.block()).isEqualTo(this.authorizedClient);
}
@Test
public void loadAuthorizedClientWhenAnonymousThenFound() {
this.authentication = this.anonymous;
this.repository.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block();
assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
.block()).isEqualTo(this.authorizedClient);
}
// saveAuthorizedClient
@Test
public void saveAuthorizedClientWhenAuthorizedClientNullThenIllegalArgumentException() {
this.authorizedClient = null;
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block());
}
@Test
public void saveAuthorizedClientWhenAuthenticationNotNullThenIllegalArgumentException() {
this.authentication = new TestingAuthenticationToken("a", "b", "ROLE_USER");
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block());
}
@Test
public void saveAuthorizedClientWhenServerWebExchangeNotNullThenIllegalArgumentException() {
this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block());
}
// removeAuthorizedClient
@Test
public void removeAuthorizedClientWhenClientRegistrationIdNullThenIllegalArgumentException() {
this.clientRegistrationId = null;
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.removeAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
}
@Test
public void removeAuthorizedClientWhenAuthenticationNotNullThenIllegalArgumentException() {
this.authentication = new TestingAuthenticationToken("a", "b", "ROLE_USER");
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.removeAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
}
@Test
public void removeAuthorizedClientWhenServerWebExchangeNotNullThenIllegalArgumentException() {
this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
assertThatIllegalArgumentException().isThrownBy(() -> this.repository
.removeAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
}
@Test
public void removeAuthorizedClientWhenFoundThenFound() {
this.repository.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block();
this.repository.removeAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block();
assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
.block()).isNull();
}
}