diff --git a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-oauth2-authorization-server/src/test/java/smoketest/oauth2/server/SampleOAuth2AuthorizationServerApplicationTests.java b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-oauth2-authorization-server/src/test/java/smoketest/oauth2/server/SampleOAuth2AuthorizationServerApplicationTests.java
index dbc0bff4e5b0..b0695ea68892 100644
--- a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-oauth2-authorization-server/src/test/java/smoketest/oauth2/server/SampleOAuth2AuthorizationServerApplicationTests.java
+++ b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-oauth2-authorization-server/src/test/java/smoketest/oauth2/server/SampleOAuth2AuthorizationServerApplicationTests.java
@@ -39,7 +39,8 @@
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadata;
 import org.springframework.security.oauth2.server.authorization.oidc.OidcProviderConfiguration;
-import org.springframework.web.util.UriComponentsBuilder;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -103,13 +104,13 @@ void anonymousShouldRedirectToLogin() {
 void validTokenRequestShouldReturnTokenResponse() {
 HttpHeaders headers = new HttpHeaders();
 headers.setBasicAuth("messaging-client", "secret");
- HttpEntity request = new HttpEntity<>(headers);
- String requestUri = UriComponentsBuilder.fromUriString("/token")
- .queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
- .queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
- .queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
- .toUriString();
- ResponseEntity> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+ MultiValueMap body = new LinkedMultiValueMap<>();
+ body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
+ body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
+ body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
+ HttpEntity request = new HttpEntity<>(body, headers);
+ ResponseEntity> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
 MAP_TYPE_REFERENCE);
 assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.OK);
 Map tokenResponse = Objects.requireNonNull(entity.getBody());
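Review bot: The four lines that build the form body (`MultiValueMap body = new LinkedMultiValueMap<>();` through the `SCOPE` entry) are repeated verbatim here and in the hunks at new lines 124, 138 and 153, so a later change to the client id or scope has to be made in four places. A private helper such as `private static MultiValueMap<String, String> clientCredentialsBody()` that returns the populated map would let each test write `new HttpEntity<>(clientCredentialsBody(), headers)`. The type arguments are not visible on this page, so `<String, String>` is a guess to be matched against the file. The test method continues past the end of this hunk.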
@@ -123,13 +124,13 @@ void validTokenRequestShouldReturnTokenResponse() {
 @Test
 void anonymousTokenRequestShouldReturnUnauthorized() {
 HttpHeaders headers = new HttpHeaders();
- HttpEntity request = new HttpEntity<>(headers);
- String requestUri = UriComponentsBuilder.fromUriString("/token")
- .queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
- .queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
- .queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
- .toUriString();
- ResponseEntity> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+ MultiValueMap body = new LinkedMultiValueMap<>();
+ body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
+ body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
+ body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
+ HttpEntity request = new HttpEntity<>(body, headers);
+ ResponseEntity> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
 MAP_TYPE_REFERENCE);
 assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
 }
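Review bot: With the query-string form removed from every test in this file, nothing here pins how the token endpoint treats `grant_type` and `scope` supplied in the URL, and this unauthenticated case returns 401 whichever way the parameters arrive. If the move to a form body tracks the server no longer reading token parameters from the query string (the hunk does not say), an authenticated request that keeps the Basic header, sends the parameters only in the query, and asserts that the response carries no `access_token` would guard that behaviour. The exact status to expect should be confirmed against the server before it is asserted. Keeping token-request parameters out of URLs matters because URLs are commonly written to access and proxy logs.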
@@ -137,14 +138,14 @@ void anonymousTokenRequestShouldReturnUnauthorized() {
 @Test
 void anonymousTokenRequestWithAcceptHeaderAllShouldReturnUnauthorized() {
 HttpHeaders headers = new HttpHeaders();
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 headers.setAccept(List.of(MediaType.ALL));
- HttpEntity request = new HttpEntity<>(headers);
- String requestUri = UriComponentsBuilder.fromUriString("/token")
- .queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
- .queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
- .queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
- .toUriString();
- ResponseEntity> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
+ MultiValueMap body = new LinkedMultiValueMap<>();
+ body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
+ body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
+ body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
+ HttpEntity request = new HttpEntity<>(body, headers);
+ ResponseEntity> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
 MAP_TYPE_REFERENCE);
 assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
 }
@@ -152,14 +153,14 @@ void anonymousTokenRequestWithAcceptHeaderAllShouldReturnUnauthorized() {
 @Test
 void anonymousTokenRequestWithAcceptHeaderTextHtmlShouldRedirectToLogin() {
 HttpHeaders headers = new HttpHeaders();
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 headers.setAccept(List.of(MediaType.TEXT_HTML));
- HttpEntity request = new HttpEntity<>(headers);
- String requestUri = UriComponentsBuilder.fromUriString("/token")
- .queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
- .queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
- .queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
- .toUriString();
- ResponseEntity> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
+ MultiValueMap body = new LinkedMultiValueMap<>();
+ body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
+ body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
+ body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
+ HttpEntity request = new HttpEntity<>(body, headers);
+ ResponseEntity> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
 MAP_TYPE_REFERENCE);
 assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.FOUND);
 assertThat(entity.getHeaders().getLocation()).isEqualTo(URI.create("http://localhost:" + this.port + "/login"));