[BAEL-1410] Spring Boot OAuth2 Support (#3409)
* initial setup with spring boot/ spring data jpa/ flyway * BAEL-1315 - added flyway test extensions for spring * BAEL-1315 - added flyway test extensions for spring * BAEL-1315 - created multiple migration scripts and locations * BAEL-1315 - test insert after schema creation * cleanup * BAEL-1315 - test data changes by a migration * [BAEL-1410] Spring Boot Security Auto-Configuration * [BAEL-1410] Added some tests for incorrect credentials use case * [BAEL-1410] Added readme and some code improvements * [BAEL-1410] removed form based auth config because is redundant added oauth2 server auto-configuration sample with test * [BAEL-1410] added custom Authorization Server Config * [BAEL-1410] update README * [BAEL-1410]refactor tests * [BAEL-1410]oauth2 resource server * [BAEL-1410]oauth2 sso sample with facebook * [BAEL-1410]remove spring-flyway
This commit is contained in:
parent
293968321e
commit
f993bc0435
|
@ -1,6 +1,8 @@
|
|||
### Spring Boot Security Auto-Configuration
|
||||
|
||||
- mvn clean install
|
||||
- uncomment in application.properties spring.profiles.active=basic # for basic auth config
|
||||
- uncomment in application.properties spring.profiles.active=form # for form based auth config
|
||||
- uncomment actuator dependency simultaneously with the line from main class
|
||||
- uncomment actuator dependency simultaneously with the line from basic auth main class
|
||||
- uncomment security properties for easy testing. If not random will be generated.
|
||||
|
||||
### CURL commands
|
||||
- curl -X POST -u baeldung-admin:baeldung -d grant_type=client_credentials -d username=baeldung-admin -d password=baeldung http://localhost:8080/oauth/token
|
||||
|
|
|
@ -43,6 +43,10 @@
|
|||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security.oauth</groupId>
|
||||
<artifactId>spring-security-oauth2</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-web</artifactId>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
package com.baeldung.springbootsecurity;
|
||||
package com.baeldung.springbootsecurity.basic_auth;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
|
@ -7,7 +7,7 @@ import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
|
|||
@SpringBootApplication(exclude = {
|
||||
SecurityAutoConfiguration.class
|
||||
// ,ManagementWebSecurityAutoConfiguration.class
|
||||
})
|
||||
}, scanBasePackages = "com.baeldung.springbootsecurity.basic_auth")
|
||||
public class SpringBootSecurityApplication {
|
||||
|
||||
public static void main(String[] args) {
|
|
@ -1,7 +1,6 @@
|
|||
package com.baeldung.springbootsecurity.config;
|
||||
package com.baeldung.springbootsecurity.basic_auth.config;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
|
@ -9,8 +8,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
|||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@Profile("basic")
|
||||
public class BasicConfiguration extends WebSecurityConfigurerAdapter {
|
||||
public class BasicAuthConfiguration extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
@ -1,39 +0,0 @@
|
|||
package com.baeldung.springbootsecurity.config;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@Profile("form")
|
||||
public class FormLoginConfiguration extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth
|
||||
.inMemoryAuthentication()
|
||||
.withUser("user")
|
||||
.password("password")
|
||||
.roles("USER")
|
||||
.and()
|
||||
.withUser("admin")
|
||||
.password("password")
|
||||
.roles("USER", "ADMIN");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest()
|
||||
.authenticated()
|
||||
.and()
|
||||
.formLogin()
|
||||
.and()
|
||||
.httpBasic();
|
||||
}
|
||||
}
|
|
@ -0,0 +1,30 @@
|
|||
package com.baeldung.springbootsecurity.oauth2resource;
|
||||
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@EnableResourceServer
|
||||
@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2resource")
|
||||
public class SpringBootOAuth2ResourceApplication {
|
||||
|
||||
public static void main(String[] args) {
|
||||
new SpringApplicationBuilder()
|
||||
.profiles("resource")
|
||||
.sources(SpringBootOAuth2ResourceApplication.class)
|
||||
.build()
|
||||
.run(args);
|
||||
}
|
||||
|
||||
@RestController
|
||||
class SecuredResourceController {
|
||||
|
||||
@GetMapping("/securedResource")
|
||||
public String securedResource() {
|
||||
return "Baeldung Secured Resource OK";
|
||||
}
|
||||
|
||||
}
|
||||
}
|
|
@ -0,0 +1,30 @@
|
|||
package com.baeldung.springbootsecurity.oauth2server;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.security.Principal;
|
||||
|
||||
@EnableResourceServer
|
||||
@EnableAuthorizationServer
|
||||
@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2server")
|
||||
public class SpringBootAuthorizationServerApplication {
|
||||
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(SpringBootAuthorizationServerApplication.class, args);
|
||||
}
|
||||
|
||||
@RestController
|
||||
class UserController {
|
||||
|
||||
@GetMapping("/user")
|
||||
public Principal user(Principal user) {
|
||||
return user;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
|
@ -0,0 +1,39 @@
|
|||
package com.baeldung.springbootsecurity.oauth2server.config;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
|
||||
|
||||
@Configuration
|
||||
@Profile("authz")
|
||||
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
|
||||
|
||||
@Autowired
|
||||
private AuthenticationManager authenticationManager;
|
||||
|
||||
@Override
|
||||
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
|
||||
endpoints.authenticationManager(authenticationManager);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
|
||||
clients
|
||||
.inMemory()
|
||||
.withClient("baeldung")
|
||||
.secret("baeldung")
|
||||
.authorizedGrantTypes("client_credentials", "password", "authorization_code")
|
||||
.scopes("openid", "read")
|
||||
.autoApprove(true)
|
||||
.and()
|
||||
.withClient("baeldung-admin")
|
||||
.secret("baeldung")
|
||||
.authorizedGrantTypes("authorization_code", "client_credentials", "refresh_token")
|
||||
.scopes("read", "write")
|
||||
.autoApprove(true);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
package com.baeldung.springbootsecurity.oauth2sso;
|
||||
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
|
||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||
|
||||
@EnableOAuth2Sso
|
||||
@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2sso")
|
||||
public class SpringBootOAuth2SsoApplication {
|
||||
|
||||
public static void main(String[] args) {
|
||||
new SpringApplicationBuilder()
|
||||
.profiles("sso")
|
||||
.sources(SpringBootOAuth2SsoApplication.class)
|
||||
.build()
|
||||
.run(args);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
security.user.password=password
|
||||
security.oauth2.client.client-id=client
|
||||
security.oauth2.client.client-secret=secret
|
|
@ -0,0 +1,2 @@
|
|||
server.port=8081
|
||||
security.oauth2.resource.userInfoUri=http://localhost:8080/user
|
|
@ -0,0 +1,9 @@
|
|||
server.port=8082
|
||||
security.oauth2.client.clientId=<generated_app_id>
|
||||
security.oauth2.client.clientSecret=<app_secret>
|
||||
security.oauth2.client.accessTokenUri=https://graph.facebook.com/oauth/access_token
|
||||
security.oauth2.client.userAuthorizationUri=https://www.facebook.com/dialog/oauth
|
||||
security.oauth2.client.tokenName=oauth_token
|
||||
security.oauth2.client.authenticationScheme=query
|
||||
security.oauth2.client.clientAuthenticationScheme=form
|
||||
security.oauth2.resource.userInfoUri=https://graph.facebook.com/me
|
|
@ -1,4 +1,4 @@
|
|||
#spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
|
||||
#spring.profiles.active=form
|
||||
#spring.profiles.active=basic
|
||||
#security.user.password=password
|
||||
#security.user.password=password
|
||||
#security.oauth2.client.client-id=client
|
||||
#security.oauth2.client.client-secret=secret
|
||||
|
|
|
@ -1,106 +0,0 @@
|
|||
package com.baeldung.springbootsecurity;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.context.embedded.LocalServerPort;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.test.web.client.TestRestTemplate;
|
||||
import org.springframework.http.*;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
import org.springframework.util.LinkedMultiValueMap;
|
||||
import org.springframework.util.MultiValueMap;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@SpringBootTest(webEnvironment = RANDOM_PORT)
|
||||
@ActiveProfiles("form")
|
||||
public class FormConfigurationIntegrationTest {
|
||||
|
||||
@Autowired TestRestTemplate restTemplate;
|
||||
@LocalServerPort int port;
|
||||
|
||||
@Test
|
||||
public void whenLoginPageIsRequested_ThenSuccess() {
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.setAccept(Collections.singletonList(MediaType.TEXT_HTML));
|
||||
ResponseEntity<String> responseEntity = restTemplate.exchange("/login", HttpMethod.GET, new HttpEntity<Void>(httpHeaders), String.class);
|
||||
assertEquals(HttpStatus.OK, responseEntity.getStatusCode());
|
||||
assertTrue(responseEntity
|
||||
.getBody()
|
||||
.contains("_csrf"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void whenTryingToLoginWithCorrectCredentials_ThenAuthenticateWithSuccess() {
|
||||
HttpHeaders httpHeaders = getHeaders();
|
||||
httpHeaders.setAccept(Collections.singletonList(MediaType.TEXT_HTML));
|
||||
httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
|
||||
MultiValueMap<String, String> form = getFormSubmitCorrectCredentials();
|
||||
ResponseEntity<String> responseEntity = this.restTemplate.exchange("/login", HttpMethod.POST, new HttpEntity<>(form, httpHeaders), String.class);
|
||||
assertEquals(responseEntity.getStatusCode(), HttpStatus.FOUND);
|
||||
assertTrue(responseEntity
|
||||
.getHeaders()
|
||||
.getLocation()
|
||||
.toString()
|
||||
.endsWith(this.port + "/"));
|
||||
assertNotNull(responseEntity
|
||||
.getHeaders()
|
||||
.get("Set-Cookie"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void whenTryingToLoginWithInorrectCredentials_ThenAuthenticationFailed() {
|
||||
HttpHeaders httpHeaders = getHeaders();
|
||||
httpHeaders.setAccept(Collections.singletonList(MediaType.TEXT_HTML));
|
||||
httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
|
||||
MultiValueMap<String, String> form = getFormSubmitIncorrectCredentials();
|
||||
ResponseEntity<String> responseEntity = this.restTemplate.exchange("/login", HttpMethod.POST, new HttpEntity<>(form, httpHeaders), String.class);
|
||||
assertEquals(responseEntity.getStatusCode(), HttpStatus.FOUND);
|
||||
assertTrue(responseEntity
|
||||
.getHeaders()
|
||||
.getLocation()
|
||||
.toString()
|
||||
.endsWith(this.port + "/login?error"));
|
||||
assertNull(responseEntity
|
||||
.getHeaders()
|
||||
.get("Set-Cookie"));
|
||||
}
|
||||
|
||||
private MultiValueMap<String, String> getFormSubmitCorrectCredentials() {
|
||||
MultiValueMap<String, String> form = new LinkedMultiValueMap<>();
|
||||
form.set("username", "user");
|
||||
form.set("password", "password");
|
||||
return form;
|
||||
}
|
||||
|
||||
private MultiValueMap<String, String> getFormSubmitIncorrectCredentials() {
|
||||
MultiValueMap<String, String> form = new LinkedMultiValueMap<>();
|
||||
form.set("username", "user");
|
||||
form.set("password", "wrongpassword");
|
||||
return form;
|
||||
}
|
||||
|
||||
private HttpHeaders getHeaders() {
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
ResponseEntity<String> page = this.restTemplate.getForEntity("/login", String.class);
|
||||
assertEquals(page.getStatusCode(), HttpStatus.OK);
|
||||
String cookie = page
|
||||
.getHeaders()
|
||||
.getFirst("Set-Cookie");
|
||||
headers.set("Cookie", cookie);
|
||||
Pattern pattern = Pattern.compile("(?s).*name=\"_csrf\".*?value=\"([^\"]+).*");
|
||||
Matcher matcher = pattern.matcher(page.getBody());
|
||||
assertTrue(matcher.matches());
|
||||
headers.set("X-CSRF-TOKEN", matcher.group(1));
|
||||
return headers;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,5 +1,6 @@
|
|||
package com.baeldung.springbootsecurity;
|
||||
package com.baeldung.springbootsecurity.basic_auth;
|
||||
|
||||
import com.baeldung.springbootsecurity.basic_auth.SpringBootSecurityApplication;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
|
@ -8,7 +9,6 @@ import org.springframework.boot.test.context.SpringBootTest;
|
|||
import org.springframework.boot.test.web.client.TestRestTemplate;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
import java.io.IOException;
|
||||
|
@ -20,9 +20,8 @@ import static org.junit.Assert.assertTrue;
|
|||
import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@SpringBootTest(webEnvironment = RANDOM_PORT)
|
||||
@ActiveProfiles("basic")
|
||||
public class BasicConfigurationIntegrationTest {
|
||||
@SpringBootTest(webEnvironment = RANDOM_PORT, classes = SpringBootSecurityApplication.class)
|
||||
public class BasicAuthConfigurationIntegrationTest {
|
||||
|
||||
TestRestTemplate restTemplate;
|
||||
URL base;
|
|
@ -0,0 +1,75 @@
|
|||
package com.baeldung.springbootsecurity.oauth2server;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
|
||||
import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
|
||||
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
|
||||
import org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException;
|
||||
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
import static java.lang.String.format;
|
||||
import static java.util.Collections.singletonList;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@SpringBootTest(webEnvironment = RANDOM_PORT, classes = SpringBootAuthorizationServerApplication.class)
|
||||
@ActiveProfiles("authz")
|
||||
public class CustomConfigAuthorizationServerIntegrationTest {
|
||||
|
||||
@Value("${local.server.port}") protected int port;
|
||||
|
||||
@Test
|
||||
public void whenAccessTokenIsRequested_ThenAccessTokenValueIsNotNull() {
|
||||
ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails();
|
||||
resourceDetails.setClientId("baeldung");
|
||||
resourceDetails.setClientSecret("baeldung");
|
||||
resourceDetails.setScope(singletonList("read"));
|
||||
DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
|
||||
OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
|
||||
restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter()));
|
||||
OAuth2AccessToken accessToken = restTemplate.getAccessToken();
|
||||
assertNotNull(accessToken);
|
||||
|
||||
}
|
||||
|
||||
@Test(expected = OAuth2AccessDeniedException.class)
|
||||
public void whenAccessTokenIsRequestedWithInvalidException_ThenExceptionIsThrown() {
|
||||
ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails();
|
||||
resourceDetails.setClientId("baeldung");
|
||||
resourceDetails.setClientSecret("baeldung");
|
||||
resourceDetails.setScope(singletonList("write"));
|
||||
DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
|
||||
OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
|
||||
restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter()));
|
||||
restTemplate.getAccessToken();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void whenAccessTokenIsRequestedByClientWithWriteScope_ThenAccessTokenIsNotNull() {
|
||||
ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails();
|
||||
resourceDetails.setClientId("baeldung-admin");
|
||||
resourceDetails.setClientSecret("baeldung");
|
||||
resourceDetails.setScope(singletonList("write"));
|
||||
DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
|
||||
OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
|
||||
restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter()));
|
||||
OAuth2AccessToken accessToken = restTemplate.getAccessToken();
|
||||
assertNotNull(accessToken);
|
||||
}
|
||||
|
||||
private ClientCredentialsResourceDetails getClientCredentialsResourceDetails() {
|
||||
ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
|
||||
resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port));
|
||||
resourceDetails.setGrantType("client_credentials");
|
||||
return resourceDetails;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,44 @@
|
|||
package com.baeldung.springbootsecurity.oauth2server;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
|
||||
import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
|
||||
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
|
||||
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
import static java.lang.String.format;
|
||||
import static java.util.Arrays.asList;
|
||||
import static java.util.Collections.singletonList;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@SpringBootTest(webEnvironment = RANDOM_PORT, classes = SpringBootAuthorizationServerApplication.class,
|
||||
properties = { "security.oauth2.client.client-id=client", "security.oauth2.client.client-secret=secret" })
|
||||
public class DefaultConfigAuthorizationServerIntegrationTest {
|
||||
|
||||
@Value("${local.server.port}") protected int port;
|
||||
|
||||
@Test
|
||||
public void whenAccessTokenIsRequested_ThenAccessTokenValueIsNotNull() {
|
||||
ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
|
||||
resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port));
|
||||
resourceDetails.setClientId("client");
|
||||
resourceDetails.setClientSecret("secret");
|
||||
resourceDetails.setGrantType("client_credentials");
|
||||
resourceDetails.setScope(asList("read", "write"));
|
||||
DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
|
||||
OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
|
||||
restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter()));
|
||||
OAuth2AccessToken accessToken = restTemplate.getAccessToken();
|
||||
assertNotNull(accessToken);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue