oauth2 live test
This commit is contained in:
parent
2b378747f7
commit
f8258e9221
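--- /dev/null
+++ b/org/baeldung/config/MethodSecurityConfig.java
@@ -0,0 +1,16 @@
+package org.baeldung.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
+import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler;
+
+@Configuration
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
+@Override
+protected MethodSecurityExpressionHandler createExpressionHandler() {
+return new OAuth2MethodSecurityExpressionHandler();
+}
+}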
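Review bot: MethodSecurityConfig has no class comment explaining why createExpressionHandler is overridden, so a reader cannot tell that this override is what makes the `#oauth2.hasScope(...)` expressions usable inside `@PreAuthorize` on resource endpoints. I would add a Javadoc such as `/** Enables method-level security and installs the OAuth2 expression handler so that @PreAuthorize("#oauth2.hasScope('read')") resolves on resource-server methods. */`. In this commit every `@PreAuthorize` visible in BarController is still commented out, so the handler is wired but not yet exercised by any endpoint; if that is intentional it is worth saying so in the comment.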
@ -9,7 +9,6 @@ import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpMethod;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
@ -20,7 +19,6 @@ import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
@Configuration
@PropertySource({ "classpath:persistence.properties" })
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Autowired
private Environment env;
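Review bot: Both hunks in this file drop exactly one line (7 old to 6 new), which from the surviving context appears to be the `EnableGlobalMethodSecurity` import and the `@EnableGlobalMethodSecurity(prePostEnabled = true)` annotation, now living in the new MethodSecurityConfig. That makes enforcement of every `@PreAuthorize` in the resource server depend on MethodSecurityConfig being picked up by the application context; if it is not, the annotations are not processed at all and the endpoints are guarded only by the URL-level rules, which this page does not show. A comment on the class, `// method security is enabled in org.baeldung.config.MethodSecurityConfig; @PreAuthorize is not enforced without it`, would make that dependency explicit. The body of OAuth2ResourceServerConfig continues outside the hunks.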
@ -21,7 +21,7 @@ public class BarController {
}
// API - read
// @PreAuthorize("#oauth2.hasScope('read')")
// @PreAuthorize("#oauth2.hasScope('read') and hasRole('ROLE_ADMIN')")
@RequestMapping(method = RequestMethod.GET, value = "/bars/{id}")
@ResponseBody
public Bar findById(@PathVariable final long id) {
@ -29,7 +29,7 @@ public class BarController {
}
// API - write
// @PreAuthorize("#oauth2.hasScope('write')")
// @PreAuthorize("#oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")
@RequestMapping(method = RequestMethod.POST, value = "/bars")
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
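Review bot: In both the read hunk at `@ -21` and the write hunk at `@ -29`, the `@PreAuthorize` line appears in two commented-out variants (`#oauth2.hasScope('read')` and `#oauth2.hasScope('read') and hasRole('ROLE_ADMIN')`, likewise for `write`), so neither endpoint carries a method-level scope check in this commit; which variant is old and which is new is not recoverable from this page. With the authorization server now granting the `write` scope to the password client, the POST `/bars` endpoint in particular is protected only by whatever URL rules exist in OAuth2ResourceServerConfig, which are outside this commit. I would keep exactly one annotation active per endpoint, e.g. `@PreAuthorize("#oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")` on the write method, and delete the commented alternative rather than leave two versions in the source. The findById body and the write method's signature continue outside the hunks.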
@ -55,7 +55,7 @@ public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigur
.withClient("clientIdPassword")
.secret("secret")
.authorizedGrantTypes("password","authorization_code", "refresh_token")
.scopes("read");
.scopes("read","write");
// @formatter:on
}
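Review bot: Widening `clientIdPassword` from `.scopes("read")` to `.scopes("read","write")` appears to mean that a password-grant request naming no scope, like the one in AuthorizationLiveTest's obtainAccessToken, receives a token carrying `write` as well, so the user-level tests in that class never exercise a read-only token. A short comment on the line, `// password client may obtain write; tests that need a read-only token must pass scope=read explicitly`, would record that. The client secret `"secret"` and the three grant types are literals in the same builder chain, which is acceptable for a sample but deserves a comment that they are sample values. The enclosing configure method starts outside the hunk.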
@ -22,8 +22,48 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- test -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-core</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-library</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.jayway.restassured</groupId>
<artifactId>rest-assured</artifactId>
<version>${rest-assured.version}</version>
<scope>test</scope>
<exclusions>
<exclusion>
<artifactId>commons-logging</artifactId>
<groupId>commons-logging</groupId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<finalName>spring-security-oauth-ui-password</finalName>
<resources>
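--- /dev/null
+++ b/org/baeldung/live/AuthorizationLiveTest.java
@@ -0,0 +1,57 @@
+package org.baeldung.live;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.junit.Test;
+
+import com.jayway.restassured.RestAssured;
+import com.jayway.restassured.response.Response;
+
+public class AuthorizationLiveTest {
+
+private String obtainAccessToken(String username, String password) {
+final Map<String, String> params = new HashMap<String, String>();
+params.put("grant_type", "password");
+params.put("client_id", "clientIdPassword");
+params.put("username", username);
+params.put("password", password);
+final Response response = RestAssured.given().auth().preemptive().basic("clientIdPassword", "secret").and().with().params(params).when().post("http://localhost:8081/spring-security-oauth-server/oauth/token");
+return response.jsonPath().getString("access_token");
+}
+
+@Test
+public void givenUser_whenAccessFoosResource_thenOk() {
+final String accessToken = obtainAccessToken("john", "123");
+final Response response = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/foos/1");
+assertEquals(200, response.getStatusCode());
+assertNotNull(response.jsonPath().get("name"));
+}
+
+@Test
+public void givenUser_whenAccessBarssResource_thenUnauthorized() {
+final String accessToken = obtainAccessToken("john", "123");
+final Response response = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/bars/1");
+assertEquals(403, response.getStatusCode());
+}
+
+@Test
+public void givenAdmin_whenAccessFoosResource_thenOk() {
+final String accessToken = obtainAccessToken("tom", "111");
+final Response response = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/foos/1");
+assertEquals(200, response.getStatusCode());
+assertNotNull(response.jsonPath().get("name"));
+}
+
+@Test
+public void givenAdmin_whenAccessBarssResource_thenOk() {
+final String accessToken = obtainAccessToken("tom", "111");
+final Response response = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/bars/1");
+assertEquals(200, response.getStatusCode());
+assertNotNull(response.jsonPath().get("name"));
+}
+
+}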
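Review bot: obtainAccessToken returns `response.jsonPath().getString("access_token")` without checking that the token request succeeded, so a wrong client secret or user password yields `null`, a `Bearer null` header on the next call, and a failure that points at the resource server instead of the token endpoint. I would add `assertEquals(200, response.getStatusCode());` before the return and `assertNotNull(accessToken);` in each test after obtaining it. The four tests repeat the literal `http://localhost:8081/...` URLs and the john/tom credentials; hoisting the two base URLs and the client id and secret into `private static final String` constants keeps the fixture in one place. The names `givenUser_whenAccessBarssResource_thenUnauthorized` and `givenAdmin_whenAccessBarssResource_thenOk` carry a `Barss` typo, and the first asserts 403, which is Forbidden rather than Unauthorized, so `thenForbidden` would match what is checked.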