Polish OAuth2ResourceServerConfigurerTests

To confirm that resource server only produces SCOPE_<scope>
authorities by default.

Issue gh-7596
Josh Cummings 2019-11-04 11:38:22 -07:00
parent 2d9e4d6c0b
commit 925bf48ec0
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
1 changed files with 7 additions and 9 deletions


@ -76,7 +76,6 @@ import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.config.test.SpringTestRule;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
@ -383,7 +382,7 @@ public class OAuth2ResourceServerConfigurerTests {
this.mvc.perform(get("/requires-read-scope")
.with(bearerToken(token)))
.andExpect(status().isOk())
.andExpect(content().string("SCOPE_message:read"));
.andExpect(content().string("[SCOPE_message:read]"));
}
@Test
@ -469,7 +468,7 @@ public class OAuth2ResourceServerConfigurerTests {
this.mvc.perform(get("/ms-requires-read-scope")
.with(bearerToken(token)))
.andExpect(status().isOk())
.andExpect(content().string("SCOPE_message:read"));
.andExpect(content().string("[SCOPE_message:read]"));
}
@Test
@ -483,7 +482,7 @@ public class OAuth2ResourceServerConfigurerTests {
this.mvc.perform(get("/ms-requires-read-scope")
.with(bearerToken(token)))
.andExpect(status().isOk())
.andExpect(content().string("SCOPE_message:read"));
.andExpect(content().string("[SCOPE_message:read]"));
}
@Test
@ -2107,21 +2106,20 @@ public class OAuth2ResourceServerConfigurerTests {
}
@RequestMapping(value = "/authenticated", method = { GET, POST })
public String authenticated(@AuthenticationPrincipal Authentication authentication) {
public String authenticated(Authentication authentication) {
return authentication.getName();
}
@GetMapping("/requires-read-scope")
public String requiresReadScope(@AuthenticationPrincipal JwtAuthenticationToken token) {
public String requiresReadScope(JwtAuthenticationToken token) {
return token.getAuthorities().stream()
.map(GrantedAuthority::getAuthority)
.filter(auth -> auth.endsWith("message:read"))
.findFirst().orElse(null);
.collect(Collectors.toList()).toString();
}
@GetMapping("/ms-requires-read-scope")
@PreAuthorize("hasAuthority('SCOPE_message:read')")
public String msRequiresReadScope(@AuthenticationPrincipal JwtAuthenticationToken token) {
public String msRequiresReadScope(JwtAuthenticationToken token) {
return requiresReadScope(token);
}
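Review bot: The rewritten `requiresReadScope` handler returns `List.toString()` of everything in `token.getAuthorities()`, so the three `[SCOPE_message:read]` assertions depend on the order the authorities were populated in, and on `toString()` formatting, as soon as a test token carries more than one scope. The old `.filter(...)` line appears to have been dropped so that any extra authority fails the test; sorting keeps that strictness while making the output deterministic: `.map(GrantedAuthority::getAuthority).sorted().collect(Collectors.toList()).toString();`. A short comment on the handler, such as `// Return every granted authority so tests fail if anything other than SCOPE_<scope> is produced`, would record why the filter must not be reintroduced. The import hunk shows only a removal, so it is worth confirming that `java.util.stream.Collectors` is already imported elsewhere in the file.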