Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 09:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

oidcLogin MockMvc Documentation

Browse Source 
Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618
This commit is contained in:
Josh Cummings 2019-12-02 22:29:20 -07:00
parent 8c32d5fe48
commit d102cae243
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
3 changed files with 22 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
samples/boot/oauth2login/src/test/java/sample/web/OAuth2LoginControllerTests.java
View File

@ -23,12 +23,11 @@ import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
import org.springframework.boot.test.context.TestConfiguration;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
@ -46,20 +45,23 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
* @author Josh Cummings * @author Josh Cummings
*/ */
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@WebMvcTest @WebMvcTest(OAuth2LoginController.class)
@Import({OAuth2LoginController.class, OAuth2LoginControllerTests.OAuth2ClientConfig.class})
public class OAuth2LoginControllerTests { public class OAuth2LoginControllerTests {
static ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("test")
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
.clientId("my-client-id")
.clientName("my-client-name")
.tokenUri("https://token-uri.example.org")
.build();
@Autowired @Autowired
MockMvc mvc; MockMvc mvc;
@MockBean
ClientRegistrationRepository clientRegistrationRepository;
@TestConfiguration
static class AuthorizedClient {
@Bean
public OAuth2AuthorizedClientRepository authorizedClientRepository() {
return new HttpSessionOAuth2AuthorizedClientRepository();
}
}
@Test @Test
public void rootWhenAuthenticatedReturnsUserAndClient() throws Exception { public void rootWhenAuthenticatedReturnsUserAndClient() throws Exception {
this.mvc.perform(get("/").with(oidcLogin())) this.mvc.perform(get("/").with(oidcLogin()))
@ -70,6 +72,13 @@ public class OAuth2LoginControllerTests {
@Test @Test
public void rootWhenOverridingClientRegistrationReturnsAccordingly() throws Exception { public void rootWhenOverridingClientRegistrationReturnsAccordingly() throws Exception {
ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("test")
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
.clientId("my-client-id")
.clientName("my-client-name")
.tokenUri("https://token-uri.example.org")
.build();
this.mvc.perform(get("/").with(oidcLogin() this.mvc.perform(get("/").with(oidcLogin()
.clientRegistration(clientRegistration) .clientRegistration(clientRegistration)
.idToken(i -> i.subject("spring-security")))) .idToken(i -> i.subject("spring-security"))))
@ -77,18 +86,4 @@ public class OAuth2LoginControllerTests {
.andExpect(model().attribute("clientName", "my-client-name")) .andExpect(model().attribute("clientName", "my-client-name"))
.andExpect(model().attribute("userAttributes", Collections.singletonMap(SUB, "spring-security"))); .andExpect(model().attribute("userAttributes", Collections.singletonMap(SUB, "spring-security")));
} }
@Configuration
static class OAuth2ClientConfig {
@Bean
ClientRegistrationRepository clientRegistrationRepository() {
return new InMemoryClientRegistrationRepository(clientRegistration);
}
@Bean
OAuth2AuthorizedClientRepository authorizedClientRepository() {
return new HttpSessionOAuth2AuthorizedClientRepository();
}
}
} }

4
test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java
View File

@ -1161,10 +1161,6 @@ public final class SecurityMockMvcRequestPostProcessors {
* annotations should register an {@link HttpSessionOAuth2AuthorizedClientRepository} bean * annotations should register an {@link HttpSessionOAuth2AuthorizedClientRepository} bean
* to the application context. * to the application context.
* *
* The client registration must be a valid {@link ClientRegistration} from the
* {@link org.springframework.security.oauth2.client.registration.ClientRegistrationRepository}
* in the application context.
*
* @param clientRegistration the {@link ClientRegistration} to use * @param clientRegistration the {@link ClientRegistration} to use
* @return the {@link OidcLoginRequestPostProcessor} for further configuration * @return the {@link OidcLoginRequestPostProcessor} for further configuration
*/ */

14
test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java
View File

@ -34,11 +34,9 @@ import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient; import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient; import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.oidc.user.OidcUser; import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.test.context.TestSecurityContextHolder; import org.springframework.security.test.context.TestSecurityContextHolder;
import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.ContextConfiguration;
@ -52,9 +50,7 @@ import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
import static org.powermock.api.mockito.PowerMockito.when;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oidcLogin; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oidcLogin;
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
@ -105,15 +101,7 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests {
public void oidcLoginWhenUsingDefaultsThenProducesDefaultAuthorizedClient() public void oidcLoginWhenUsingDefaultsThenProducesDefaultAuthorizedClient()
throws Exception { throws Exception {
ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("test") this.mvc.perform(get("/access-token").with(oidcLogin()))
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
.clientId("test-client")
.tokenUri("https://token-uri.example.org")
.build();
ClientRegistrationRepository repository = this.context.getBean(ClientRegistrationRepository.class);
when(repository.findByRegistrationId(anyString())).thenReturn(clientRegistration);
this.mvc.perform(get("/access-token").with(oidcLogin().clientRegistration(clientRegistration)))
.andExpect(content().string("access-token")); .andExpect(content().string("access-token"));
} }