From 766c4434d4ba2c3e68b48aa67ac70a9de9f80c5b Mon Sep 17 00:00:00 2001
From: Andreas Falk <andreas.falk@novatec-gmbh.de>
Date: Sun, 18 Aug 2019 16:53:42 +0200
Subject: [PATCH] Improve test coverage of JwtGrantedAuthoritiesConverter

Some negative test cases were missing. Added these to have
full test coverage for JwtGrantedAuthoritiesConverter.
---
 .../JwtGrantedAuthoritiesConverterTests.java  | 37 +++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java
index 643049f1cb..8c4333d906 100644
--- a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java
+++ b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java
@@ -139,6 +139,43 @@ public class JwtGrantedAuthoritiesConverterTests {
 		assertThat(authorities).isEmpty();
 	}
 
+	@Test
+	public void convertWhenTokenHasEmptyScopeAndEmptyScpAttributeThenTranslatesToNoAuthorities() {
+		Map<String, Object> claims = new HashMap<>();
+		claims.put("scp", Collections.emptyList());
+		claims.put("scope", Collections.emptyList());
+		Jwt jwt = this.jwt(claims);
+
+		JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
+		Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
+
+		assertThat(authorities).isEmpty();
+	}
+
+	@Test
+	public void convertWhenTokenHasNoScopeAndNoScpAttributeThenTranslatesToNoAuthorities() {
+		Map<String, Object> claims = new HashMap<>();
+		claims.put("roles", Arrays.asList("message:read", "message:write"));
+		Jwt jwt = this.jwt(claims);
+
+		JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
+		Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
+
+		assertThat(authorities).isEmpty();
+	}
+
+	@Test
+	public void convertWhenTokenHasUnsupportedTypeForScopeThenTranslatesToNoAuthorities() {
+		Map<String, Object> claims = new HashMap<>();
+		claims.put("scope", new String[] {"message:read", "message:write"});
+		Jwt jwt = this.jwt(claims);
+
+		JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
+		Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
+
+		assertThat(authorities).isEmpty();
+	}
+
 	@Test
 	public void convertWhenTokenHasCustomClaimNameThenCustomClaimNameAttributeIsTranslatedToAuthorities() {
 		Map<String, Object> claims = new HashMap<>();