Fix authorization server smoke test
bclozel committed Dec 19, 2023
1 parent 561c7f7 commit c4150df
Showing 1 changed file with 30 additions and 29 deletions.
Expand Up @@ -39,7 +39,8 @@
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadata;
import org.springframework.security.oauth2.server.authorization.oidc.OidcProviderConfiguration;
import org.springframework.web.util.UriComponentsBuilder;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;

import static org.assertj.core.api.Assertions.assertThat;

Expand Down Expand Up @@ -103,13 +104,13 @@ void anonymousShouldRedirectToLogin() {
void validTokenRequestShouldReturnTokenResponse() {
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth("messaging-client", "secret");
HttpEntity<Object> request = new HttpEntity<>(headers);
String requestUri = UriComponentsBuilder.fromUriString("/token")
.queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
.queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
.queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
.toUriString();
ResponseEntity<Map<String, Object>> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, Object> body = new LinkedMultiValueMap<>();
body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
HttpEntity<Object> request = new HttpEntity<>(body, headers);
ResponseEntity<Map<String, Object>> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
MAP_TYPE_REFERENCE);
assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.OK);
Map<String, Object> tokenResponse = Objects.requireNonNull(entity.getBody());
Expand All @@ -123,43 +124,43 @@ void validTokenRequestShouldReturnTokenResponse() {
@Test
void anonymousTokenRequestShouldReturnUnauthorized() {
HttpHeaders headers = new HttpHeaders();
HttpEntity<Object> request = new HttpEntity<>(headers);
String requestUri = UriComponentsBuilder.fromUriString("/token")
.queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
.queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
.queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
.toUriString();
ResponseEntity<Map<String, Object>> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, Object> body = new LinkedMultiValueMap<>();
body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
HttpEntity<Object> request = new HttpEntity<>(body, headers);
ResponseEntity<Map<String, Object>> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
MAP_TYPE_REFERENCE);
assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
}

@Test
void anonymousTokenRequestWithAcceptHeaderAllShouldReturnUnauthorized() {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.setAccept(List.of(MediaType.ALL));
HttpEntity<Object> request = new HttpEntity<>(headers);
String requestUri = UriComponentsBuilder.fromUriString("/token")
.queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
.queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
.queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
.toUriString();
ResponseEntity<Map<String, Object>> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
MultiValueMap<String, Object> body = new LinkedMultiValueMap<>();
body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
HttpEntity<Object> request = new HttpEntity<>(body, headers);
ResponseEntity<Map<String, Object>> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
MAP_TYPE_REFERENCE);
assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
}

@Test
void anonymousTokenRequestWithAcceptHeaderTextHtmlShouldRedirectToLogin() {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.setAccept(List.of(MediaType.TEXT_HTML));
HttpEntity<Object> request = new HttpEntity<>(headers);
String requestUri = UriComponentsBuilder.fromUriString("/token")
.queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
.queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
.queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
.toUriString();
ResponseEntity<Map<String, Object>> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
MultiValueMap<String, Object> body = new LinkedMultiValueMap<>();
body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
HttpEntity<Object> request = new HttpEntity<>(body, headers);
ResponseEntity<Map<String, Object>> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
MAP_TYPE_REFERENCE);
assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.FOUND);
assertThat(entity.getHeaders().getLocation()).isEqualTo(URI.create("http://localhost:" + this.port + "/login"));
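Review bot: The client-credentials form body is now built by hand four times, in `validTokenRequestShouldReturnTokenResponse` and in the three `anonymousTokenRequest…` tests. The 401 and 302 assertions only prove that unauthenticated clients are rejected while each copy stays a well-formed token request that differs from the passing one solely by the missing `setBasicAuth` call. Building the body in one private helper and writing `HttpEntity<Object> request = new HttpEntity<>(clientCredentialsForm(), headers);` in each test would keep a rejection attributable to missing client authentication rather than to a parameter that drifted in one copy. All values added are strings, so the helper could return `MultiValueMap<String, String>`, which states the form-encoded intent more directly. The last test's closing brace and the rest of the class are outside the hunk.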
