Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 09:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add missing calls to principalName

Browse Source 
Issue gh-8054
This commit is contained in:
Josh Cummings 2020-03-03 17:11:42 -07:00
parent 3766322f03
commit 85b0e468ad
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
5 changed files with 104 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java
View File

@ -785,16 +785,18 @@ public class SecurityMockServerConfigurers {
.clientRegistration(this.clientRegistration) .clientRegistration(this.clientRegistration)
.principalName(token.getPrincipal().getName()) .principalName(token.getPrincipal().getName())
.beforeServerCreated(builder); .beforeServerCreated(builder);
mockAuthentication(getToken()).beforeServerCreated(builder); mockAuthentication(token).beforeServerCreated(builder);
} }
@Override @Override
public void afterConfigureAdded(WebTestClient.MockServerSpec<?> serverSpec) { public void afterConfigureAdded(WebTestClient.MockServerSpec<?> serverSpec) {
OAuth2AuthenticationToken token = getToken();
mockOAuth2Client() mockOAuth2Client()
.accessToken(this.accessToken) .accessToken(this.accessToken)
.clientRegistration(this.clientRegistration) .clientRegistration(this.clientRegistration)
.principalName(token.getPrincipal().getName())
.afterConfigureAdded(serverSpec); .afterConfigureAdded(serverSpec);
mockAuthentication(getToken()).afterConfigureAdded(serverSpec); mockAuthentication(token).afterConfigureAdded(serverSpec);
} }
@Override @Override
@ -806,6 +808,7 @@ public class SecurityMockServerConfigurers {
mockOAuth2Client() mockOAuth2Client()
.accessToken(this.accessToken) .accessToken(this.accessToken)
.clientRegistration(this.clientRegistration) .clientRegistration(this.clientRegistration)
.principalName(token.getPrincipal().getName())
.afterConfigurerAdded(builder, httpHandlerBuilder, connector); .afterConfigurerAdded(builder, httpHandlerBuilder, connector);
mockAuthentication(token).afterConfigurerAdded(builder, httpHandlerBuilder, connector); mockAuthentication(token).afterConfigurerAdded(builder, httpHandlerBuilder, connector);
} }
@ -953,18 +956,21 @@ public class SecurityMockServerConfigurers {
OAuth2AuthenticationToken token = getToken(); OAuth2AuthenticationToken token = getToken();
mockOAuth2Client() mockOAuth2Client()
.accessToken(this.accessToken) .accessToken(this.accessToken)
.principalName(token.getPrincipal().getName())
.clientRegistration(this.clientRegistration) .clientRegistration(this.clientRegistration)
.beforeServerCreated(builder); .beforeServerCreated(builder);
mockAuthentication(getToken()).beforeServerCreated(builder); mockAuthentication(token).beforeServerCreated(builder);
} }
@Override @Override
public void afterConfigureAdded(WebTestClient.MockServerSpec<?> serverSpec) { public void afterConfigureAdded(WebTestClient.MockServerSpec<?> serverSpec) {
OAuth2AuthenticationToken token = getToken();
mockOAuth2Client() mockOAuth2Client()
.accessToken(this.accessToken) .accessToken(this.accessToken)
.principalName(token.getPrincipal().getName())
.clientRegistration(this.clientRegistration) .clientRegistration(this.clientRegistration)
.afterConfigureAdded(serverSpec); .afterConfigureAdded(serverSpec);
mockAuthentication(getToken()).afterConfigureAdded(serverSpec); mockAuthentication(token).afterConfigureAdded(serverSpec);
} }
@Override @Override
@ -975,6 +981,7 @@ public class SecurityMockServerConfigurers {
OAuth2AuthenticationToken token = getToken(); OAuth2AuthenticationToken token = getToken();
mockOAuth2Client() mockOAuth2Client()
.accessToken(this.accessToken) .accessToken(this.accessToken)
.principalName(token.getPrincipal().getName())
.clientRegistration(this.clientRegistration) .clientRegistration(this.clientRegistration)
.afterConfigurerAdded(builder, httpHandlerBuilder, connector); .afterConfigurerAdded(builder, httpHandlerBuilder, connector);
mockAuthentication(token).afterConfigurerAdded(builder, httpHandlerBuilder, connector); mockAuthentication(token).afterConfigurerAdded(builder, httpHandlerBuilder, connector);

28
test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java
View File

@ -131,6 +131,34 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS
.containsEntry("iss", "https://idp.example.org"); .containsEntry("iss", "https://idp.example.org");
} }
@Test
public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception {
OAuth2User oauth2User = new DefaultOAuth2User(
AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"),
Collections.singletonMap("custom-attribute", "test-subject"),
"custom-attribute");
this.client.mutateWith(mockOAuth2Login()
.oauth2User(oauth2User))
.get().uri("/token")
.exchange()
.expectStatus().isOk();
OAuth2AuthenticationToken token = this.controller.token;
assertThat(token.getPrincipal().getName())
.isEqualTo("test-subject");
this.client.mutateWith(mockOAuth2Login()
.oauth2User(oauth2User))
.get().uri("/client")
.exchange()
.expectStatus().isOk();
OAuth2AuthorizedClient client = this.controller.authorizedClient;
assertThat(client.getPrincipalName())
.isEqualTo("test-subject");
}
@Test @Test
public void oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence() throws Exception { public void oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence() throws Exception {
OAuth2User oauth2User = new DefaultOAuth2User( OAuth2User oauth2User = new DefaultOAuth2User(

30
test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOidcLoginTests.java
View File

@ -36,6 +36,7 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg
import org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver; import org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser; import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.oauth2.core.oidc.user.OidcUser; import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter; import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter;
@ -45,6 +46,7 @@ import org.springframework.web.bind.annotation.RestController;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.security.oauth2.core.oidc.TestOidcIdTokens.idToken; import static org.springframework.security.oauth2.core.oidc.TestOidcIdTokens.idToken;
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOAuth2Login;
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOidcLogin; import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOidcLogin;
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity; import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
@ -146,6 +148,34 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer
.containsEntry("email", "email@email"); .containsEntry("email", "email@email");
} }
@Test
public void oidcUserWhenNameSpecifiedThenUserHasName() throws Exception {
OidcUser oidcUser = new DefaultOidcUser(
AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"),
OidcIdToken.withTokenValue("id-token").claim("custom-attribute", "test-subject").build(),
"custom-attribute");
this.client.mutateWith(mockOAuth2Login()
.oauth2User(oidcUser))
.get().uri("/token")
.exchange()
.expectStatus().isOk();
OAuth2AuthenticationToken token = this.controller.token;
assertThat(token.getPrincipal().getName())
.isEqualTo("test-subject");
this.client.mutateWith(mockOAuth2Login()
.oauth2User(oidcUser))
.get().uri("/client")
.exchange()
.expectStatus().isOk();
OAuth2AuthorizedClient client = this.controller.authorizedClient;
assertThat(client.getPrincipalName())
.isEqualTo("test-subject");
}
// gh-7794 // gh-7794
@Test @Test
public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception { public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception {

9
test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java
View File

@ -130,6 +130,10 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests {
this.mvc.perform(get("/name") this.mvc.perform(get("/name")
.with(oauth2Login().oauth2User(oauth2User))) .with(oauth2Login().oauth2User(oauth2User)))
.andExpect(content().string("test-subject")); .andExpect(content().string("test-subject"));
this.mvc.perform(get("/client-name")
.with(oauth2Login().oauth2User(oauth2User)))
.andExpect(content().string("test-subject"));
} }
@Test @Test
@ -193,6 +197,11 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests {
return authorizedClient.getClientRegistration().getClientId(); return authorizedClient.getClientRegistration().getClientId();
} }
@GetMapping("/client-name")
String clientName(@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient) {
return authorizedClient.getPrincipalName();
}
@GetMapping("/attributes/{attribute}") @GetMapping("/attributes/{attribute}")
String attributes( String attributes(
@AuthenticationPrincipal OAuth2User oauth2User, @PathVariable("attribute") String attribute) { @AuthenticationPrincipal OAuth2User oauth2User, @PathVariable("attribute") String attribute) {

26
test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java
View File

@ -38,6 +38,7 @@ import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2Aut
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser; import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.oauth2.core.oidc.user.OidcUser; import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.test.context.TestSecurityContextHolder; import org.springframework.security.test.context.TestSecurityContextHolder;
@ -129,6 +130,26 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests {
.andExpect(content().string("email@email")); .andExpect(content().string("email@email"));
} }
@Test
public void oidcLoginWhenNameSpecifiedThenUserHasName() throws Exception {
OidcUser oidcUser = new DefaultOidcUser(
AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"),
OidcIdToken.withTokenValue("id-token").claim("custom-attribute", "test-subject").build(),
"custom-attribute");
this.mvc.perform(get("/id-token/custom-attribute")
.with(oidcLogin().oidcUser(oidcUser)))
.andExpect(content().string("test-subject"));
this.mvc.perform(get("/name")
.with(oidcLogin().oidcUser(oidcUser)))
.andExpect(content().string("test-subject"));
this.mvc.perform(get("/client-name")
.with(oidcLogin().oidcUser(oidcUser)))
.andExpect(content().string("test-subject"));
}
// gh-7794 // gh-7794
@Test @Test
public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception { public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception {
@ -179,6 +200,11 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests {
return oidcUser.getName(); return oidcUser.getName();
} }
@GetMapping("/client-name")
String clientName(@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient) {
return authorizedClient.getPrincipalName();
}
@GetMapping("/access-token") @GetMapping("/access-token")
String authorizedClient(@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient) { String authorizedClient(@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient) {
return authorizedClient.getAccessToken().getTokenValue(); return authorizedClient.getAccessToken().getTokenValue();