From fbdecdafb88140d3adce63bf3b3f2e6bb091c222 Mon Sep 17 00:00:00 2001
From: Josh Cummings
Date: Mon, 13 Jan 2020 16:16:13 -0700
Subject: [PATCH] Add Mapping to Invalid Bearer Token

Fixes gh-7793
---
 .../DefaultAuthenticationEventPublisher.java | 5 +-
 ...icationEventPublisherBearerTokenTests.java | 52 +++++++++++++++++++
 2 files changed, 56 insertions(+), 1 deletion(-)
 create mode 100644 oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/DefaultAuthenticationEventPublisherBearerTokenTests.java

diff --git a/core/src/main/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisher.java b/core/src/main/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisher.java
index 2d0015fc55..21b2a291f0 100644
--- a/core/src/main/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisher.java
+++ b/core/src/main/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisher.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -92,6 +92,9 @@ public class DefaultAuthenticationEventPublisher implements AuthenticationEventP
  addMapping(
  "org.springframework.security.authentication.cas.ProxyUntrustedException",
  AuthenticationFailureProxyUntrustedEvent.class);
+ addMapping(
+ "org.springframework.security.oauth2.server.resource.InvalidBearerTokenException",
+ AuthenticationFailureBadCredentialsEvent.class);
  }
 
  public void publishAuthenticationSuccess(Authentication authentication) {
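Review bot: The new `addMapping` entry in the second hunk names `InvalidBearerTokenException` as a string with no comment explaining why, and the hunk does not show how the publisher resolves a mapping. If the lookup is by exact class name (not visible here; confirm in `publishAuthenticationFailure`), subclasses of `InvalidBearerTokenException` and other bearer-token failures would still publish no failure event, leaving a gap in the authentication audit trail that listeners use to spot token misuse. Once confirmed, I would add a comment above the entry along the lines of `// By name: presumably core cannot depend on oauth2-resource-server. Matched on the exact exception class, so subclasses need their own mapping.` The constructor this entry sits in starts above the hunk.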
diff --git a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/DefaultAuthenticationEventPublisherBearerTokenTests.java b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/DefaultAuthenticationEventPublisherBearerTokenTests.java
new file mode 100644
index 0000000000..d87c0d8acf
--- /dev/null
+++ b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/DefaultAuthenticationEventPublisherBearerTokenTests.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2002-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.oauth2.server.resource;
+
+import org.junit.Test;
+
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
+import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
+
+import static org.mockito.ArgumentMatchers.isA;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.springframework.security.oauth2.jwt.TestJwts.jwt;
+
+/**
+ * Tests for {@link DefaultAuthenticationEventPublisher}'s bearer token use cases
+ *
+ * {@see DefaultAuthenticationEventPublisher}
+ */
+public class DefaultAuthenticationEventPublisherBearerTokenTests {
+ DefaultAuthenticationEventPublisher publisher;
+
+ @Test
+ public void publishAuthenticationFailureWhenInvalidBearerTokenExceptionThenMaps() {
+ ApplicationEventPublisher appPublisher = mock(ApplicationEventPublisher.class);
+ Authentication authentication = new JwtAuthenticationToken(jwt().build());
+ Exception cause = new Exception();
+ this.publisher = new DefaultAuthenticationEventPublisher(appPublisher);
+ this.publisher.publishAuthenticationFailure(new InvalidBearerTokenException("invalid"), authentication);
+ this.publisher.publishAuthenticationFailure(new InvalidBearerTokenException("invalid", cause), authentication);
+ verify(appPublisher, times(2)).publishEvent(
+ isA(AuthenticationFailureBadCredentialsEvent.class));
+ }
+}
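Review bot: The `verify(appPublisher, times(2))` assertion checks only the event type, so the test would still pass if the published event carried the wrong exception or a different `Authentication`. Because audit listeners read those fields, capture the two events with an `ArgumentCaptor` and assert that `getException()` is the `InvalidBearerTokenException` that was passed in and `getAuthentication()` is `authentication`, for both the one-argument and the cause-carrying constructor. Separately, `{@see DefaultAuthenticationEventPublisher}` in the class Javadoc is not a valid inline tag; use the block tag `@see DefaultAuthenticationEventPublisher`. The `publisher` field is assigned only inside the test method and could be a local variable.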