Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix checkstyle

Browse Source 
Issue gh-17880
This commit is contained in:
Joe Grandja
2025-09-05 08:18:16 -04:00
parent 6484d1ae25
commit e5dc46270a
61 changed files with 1085 additions and 1122 deletions
Download Patch File Download Diff File Expand all files Collapse all files
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationServiceTests.java
+21 -19
View File
@@ -33,7 +33,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link InMemoryOAuth2AuthorizationService}.
@@ -69,16 +69,16 @@ public class InMemoryOAuth2AuthorizationServiceTests {
@Test
public void constructorVarargsWhenAuthorizationNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new InMemoryOAuth2AuthorizationService((OAuth2Authorization) null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorization cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new InMemoryOAuth2AuthorizationService((OAuth2Authorization) null))
.withMessage("authorization cannot be null");
}
@Test
public void constructorListWhenAuthorizationsNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new InMemoryOAuth2AuthorizationService((List<OAuth2Authorization>) null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizations cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new InMemoryOAuth2AuthorizationService((List<OAuth2Authorization>) null))
.withMessage("authorizations cannot be null");
}
@Test
@@ -90,15 +90,15 @@ public class InMemoryOAuth2AuthorizationServiceTests {
.token(AUTHORIZATION_CODE)
.build();
assertThatThrownBy(() -> new InMemoryOAuth2AuthorizationService(authorization, authorization))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("The authorization must be unique. Found duplicate identifier: id");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new InMemoryOAuth2AuthorizationService(authorization, authorization))
.withMessage("The authorization must be unique. Found duplicate identifier: id");
}
@Test
public void saveWhenAuthorizationNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authorizationService.save(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorization cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationService.save(null))
.withMessage("authorization cannot be null");
}
@Test
@@ -179,8 +179,9 @@ public class InMemoryOAuth2AuthorizationServiceTests {
@Test
public void removeWhenAuthorizationNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authorizationService.remove(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorization cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authorizationService.remove(null))
.withMessage("authorization cannot be null");
}
@Test
@@ -205,15 +206,16 @@ public class InMemoryOAuth2AuthorizationServiceTests {
@Test
public void findByIdWhenIdNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authorizationService.findById(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("id cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authorizationService.findById(null))
.withMessage("id cannot be empty");
}
@Test
public void findByTokenWhenTokenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authorizationService.findByToken(null, AUTHORIZATION_CODE_TOKEN_TYPE))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("token cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authorizationService.findByToken(null, AUTHORIZATION_CODE_TOKEN_TYPE))
.withMessage("token cannot be empty");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationConsentServiceTests.java
+9 -13
View File
@@ -41,8 +41,8 @@ import org.springframework.security.oauth2.server.authorization.client.TestRegis
import org.springframework.util.StringUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.ArgumentMatchers.eq;
@@ -100,36 +100,32 @@ public class JdbcOAuth2AuthorizationConsentServiceTests {
@Test
public void constructorWhenJdbcOperationsIsNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new JdbcOAuth2AuthorizationConsentService(null, this.registeredClientRepository))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("jdbcOperations cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new JdbcOAuth2AuthorizationConsentService(null, this.registeredClientRepository))
.withMessage("jdbcOperations cannot be null");
// @formatter:on
}
@Test
public void constructorWhenRegisteredClientRepositoryIsNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new JdbcOAuth2AuthorizationConsentService(this.jdbcOperations, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new JdbcOAuth2AuthorizationConsentService(this.jdbcOperations, null))
.withMessage("registeredClientRepository cannot be null");
// @formatter:on
}
@Test
public void setAuthorizationConsentRowMapperWhenNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationConsentService.setAuthorizationConsentRowMapper(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationConsentRowMapper cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationConsentService.setAuthorizationConsentRowMapper(null))
.withMessage("authorizationConsentRowMapper cannot be null");
// @formatter:on
}
@Test
public void setAuthorizationConsentParametersMapperWhenNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationConsentService.setAuthorizationConsentParametersMapper(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationConsentParametersMapper cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationConsentService.setAuthorizationConsentParametersMapper(null))
.withMessage("authorizationConsentParametersMapper cannot be null");
// @formatter:on
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java
+21 -31
View File
@@ -60,7 +60,7 @@ import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.ArgumentMatchers.eq;
@@ -130,54 +130,48 @@ public class JdbcOAuth2AuthorizationServiceTests {
@Test
public void constructorWhenJdbcOperationsIsNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new JdbcOAuth2AuthorizationService(null, this.registeredClientRepository))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("jdbcOperations cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new JdbcOAuth2AuthorizationService(null, this.registeredClientRepository))
.withMessage("jdbcOperations cannot be null");
// @formatter:on
}
@Test
public void constructorWhenRegisteredClientRepositoryIsNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new JdbcOAuth2AuthorizationService(this.jdbcOperations, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new JdbcOAuth2AuthorizationService(this.jdbcOperations, null))
.withMessage("registeredClientRepository cannot be null");
// @formatter:on
}
@Test
public void constructorWhenLobHandlerIsNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new JdbcOAuth2AuthorizationService(this.jdbcOperations, this.registeredClientRepository, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("lobHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new JdbcOAuth2AuthorizationService(this.jdbcOperations, this.registeredClientRepository, null))
.withMessage("lobHandler cannot be null");
// @formatter:on
}
@Test
public void setAuthorizationRowMapperWhenNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationService.setAuthorizationRowMapper(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationRowMapper cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationService.setAuthorizationRowMapper(null))
.withMessage("authorizationRowMapper cannot be null");
// @formatter:on
}
@Test
public void setAuthorizationParametersMapperWhenNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationService.setAuthorizationParametersMapper(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationParametersMapper cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationService.setAuthorizationParametersMapper(null))
.withMessage("authorizationParametersMapper cannot be null");
// @formatter:on
}
@Test
public void saveWhenAuthorizationNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationService.save(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorization cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationService.save(null))
.withMessage("authorization cannot be null");
// @formatter:on
}
@@ -247,9 +241,8 @@ public class JdbcOAuth2AuthorizationServiceTests {
@Test
public void removeWhenAuthorizationNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationService.remove(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorization cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationService.remove(null))
.withMessage("authorization cannot be null");
// @formatter:on
}
@@ -277,27 +270,24 @@ public class JdbcOAuth2AuthorizationServiceTests {
@Test
public void findByIdWhenIdNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationService.findById(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("id cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationService.findById(null))
.withMessage("id cannot be empty");
// @formatter:on
}
@Test
public void findByIdWhenIdEmptyThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationService.findById(" "))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("id cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationService.findById(" "))
.withMessage("id cannot be empty");
// @formatter:on
}
@Test
public void findByTokenWhenTokenNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authorizationService.findByToken(null, AUTHORIZATION_CODE_TOKEN_TYPE))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("token cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authorizationService.findByToken(null, AUTHORIZATION_CODE_TOKEN_TYPE))
.withMessage("token cannot be empty");
// @formatter:on
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationTests.java
+16 -17
View File
@@ -28,7 +28,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2Authorization}.
@@ -56,15 +56,15 @@ public class OAuth2AuthorizationTests {
@Test
public void withRegisteredClientWhenRegisteredClientNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2Authorization.withRegisteredClient(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClient cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> OAuth2Authorization.withRegisteredClient(null))
.withMessage("registeredClient cannot be null");
}
@Test
public void fromWhenAuthorizationNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2Authorization.from(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorization cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> OAuth2Authorization.from(null))
.withMessage("authorization cannot be null");
}
@Test
@@ -91,32 +91,31 @@ public class OAuth2AuthorizationTests {
@Test
public void buildWhenPrincipalNameNotProvidedThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT).build())
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT).build())
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("principalName cannot be empty");
.withMessage("principalName cannot be empty");
}
@Test
public void buildWhenAuthorizationGrantTypeNotProvidedThenThrowIllegalArgumentException() {
assertThatThrownBy(
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(
() -> OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT).principalName(PRINCIPAL_NAME).build())
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationGrantType cannot be null");
.withMessage("authorizationGrantType cannot be null");
}
@Test
public void attributeWhenNameNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(
() -> OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT).attribute(null, AUTHORIZATION_CODE))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("name cannot be empty");
.withMessage("name cannot be empty");
}
@Test
public void attributeWhenValueNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT).attribute("name", null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("value cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT).attribute("name", null))
.withMessage("value cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProviderTests.java
+31 -31
View File
@@ -41,7 +41,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
@@ -103,23 +103,23 @@ public class ClientSecretAuthenticationProviderTests {
@Test
public void constructorWhenRegisteredClientRepositoryNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new ClientSecretAuthenticationProvider(null, this.authorizationService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new ClientSecretAuthenticationProvider(null, this.authorizationService))
.withMessage("registeredClientRepository cannot be null");
}
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new ClientSecretAuthenticationProvider(this.registeredClientRepository, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new ClientSecretAuthenticationProvider(this.registeredClientRepository, null))
.withMessage("authorizationService cannot be null");
}
@Test
public void setPasswordEncoderWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setPasswordEncoder(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("passwordEncoder cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setPasswordEncoder(null))
.withMessage("passwordEncoder cannot be null");
}
@Test
@@ -136,9 +136,9 @@ public class ClientSecretAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId() + "-invalid", ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
registeredClient.getClientSecret(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_ID);
@@ -154,9 +154,9 @@ public class ClientSecretAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.CLIENT_SECRET_POST,
registeredClient.getClientSecret(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("authentication_method");
@@ -171,9 +171,9 @@ public class ClientSecretAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.CLIENT_SECRET_BASIC, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("credentials");
@@ -189,9 +189,9 @@ public class ClientSecretAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
registeredClient.getClientSecret() + "-invalid", null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_SECRET);
@@ -210,9 +210,9 @@ public class ClientSecretAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
registeredClient.getClientSecret(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("client_secret_expires_at");
@@ -302,9 +302,9 @@ public class ClientSecretAuthenticationProviderTests {
registeredClient.getClientId(), ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
registeredClient.getClientSecret(), parameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CODE);
@@ -329,9 +329,9 @@ public class ClientSecretAuthenticationProviderTests {
registeredClient.getClientId(), ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
registeredClient.getClientSecret(), parameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
assertThat(error.getDescription()).contains(PkceParameterNames.CODE_VERIFIER);
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionAuthenticationProviderTests.java
+26 -27
View File
@@ -64,7 +64,7 @@ import org.springframework.security.oauth2.server.authorization.settings.ClientS
import org.springframework.web.util.UriComponentsBuilder;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -114,23 +114,23 @@ public class JwtClientAssertionAuthenticationProviderTests {
@Test
public void constructorWhenRegisteredClientRepositoryNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new JwtClientAssertionAuthenticationProvider(null, this.authorizationService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new JwtClientAssertionAuthenticationProvider(null, this.authorizationService))
.withMessage("registeredClientRepository cannot be null");
}
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new JwtClientAssertionAuthenticationProvider(this.registeredClientRepository, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new JwtClientAssertionAuthenticationProvider(this.registeredClientRepository, null))
.withMessage("authorizationService cannot be null");
}
@Test
public void setJwtDecoderFactoryWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setJwtDecoderFactory(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("jwtDecoderFactory cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setJwtDecoderFactory(null))
.withMessage("jwtDecoderFactory cannot be null");
}
@Test
@@ -151,9 +151,9 @@ public class JwtClientAssertionAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId() + "-invalid", JWT_CLIENT_ASSERTION_AUTHENTICATION_METHOD,
"jwt-assertion", null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_ID);
@@ -168,9 +168,9 @@ public class JwtClientAssertionAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), JWT_CLIENT_ASSERTION_AUTHENTICATION_METHOD, "jwt-assertion", null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("authentication_method");
@@ -189,9 +189,9 @@ public class JwtClientAssertionAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), JWT_CLIENT_ASSERTION_AUTHENTICATION_METHOD, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("credentials");
@@ -217,10 +217,10 @@ public class JwtClientAssertionAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), JWT_CLIENT_ASSERTION_AUTHENTICATION_METHOD, "invalid-jwt-assertion",
null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.hasCauseInstanceOf(BadJwtException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.withCauseInstanceOf(BadJwtException.class)
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_ASSERTION);
@@ -259,10 +259,9 @@ public class JwtClientAssertionAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), JWT_CLIENT_ASSERTION_AUTHENTICATION_METHOD,
jwtAssertion.getTokenValue(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.hasCauseInstanceOf(JwtValidationException.class)
.extracting((ex) -> (OAuth2AuthenticationException) ex)
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.withCauseInstanceOf(JwtValidationException.class)
.satisfies((ex) -> {
assertThat(ex.getError().getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(ex.getError().getDescription()).contains(OAuth2ParameterNames.CLIENT_ASSERTION);
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionDecoderFactoryTests.java
+13 -13
View File
@@ -28,7 +28,7 @@ import org.springframework.security.oauth2.server.authorization.client.TestRegis
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link JwtClientAssertionDecoderFactory}.
@@ -41,9 +41,9 @@ public class JwtClientAssertionDecoderFactoryTests {
@Test
public void setJwtValidatorFactoryWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.jwtDecoderFactory.setJwtValidatorFactory(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("jwtValidatorFactory cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.jwtDecoderFactory.setJwtValidatorFactory(null))
.withMessage("jwtValidatorFactory cannot be null");
}
@Test
@@ -59,9 +59,9 @@ public class JwtClientAssertionDecoderFactoryTests {
.build();
// @formatter:on
assertThatThrownBy(() -> this.jwtDecoderFactory.createDecoder(registeredClient))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.jwtDecoderFactory.createDecoder(registeredClient))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).isEqualTo("Failed to find a Signature Verifier for Client: '"
@@ -83,9 +83,9 @@ public class JwtClientAssertionDecoderFactoryTests {
.build();
// @formatter:on
assertThatThrownBy(() -> this.jwtDecoderFactory.createDecoder(registeredClient))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.jwtDecoderFactory.createDecoder(registeredClient))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).isEqualTo("Failed to find a Signature Verifier for Client: '"
@@ -101,9 +101,9 @@ public class JwtClientAssertionDecoderFactoryTests {
.build();
// @formatter:on
assertThatThrownBy(() -> this.jwtDecoderFactory.createDecoder(registeredClient))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.jwtDecoderFactory.createDecoder(registeredClient))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription())
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AccessTokenAuthenticationContextTests.java
+6 -6
View File
@@ -27,7 +27,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2AccessTokenAuthenticationContext}
@@ -50,9 +50,9 @@ public class OAuth2AccessTokenAuthenticationContextTests {
@Test
public void withWhenAuthenticationNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2AccessTokenAuthenticationContext.with(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authentication cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> OAuth2AccessTokenAuthenticationContext.with(null))
.withMessage("authentication cannot be null");
}
@Test
@@ -60,8 +60,8 @@ public class OAuth2AccessTokenAuthenticationContextTests {
OAuth2AccessTokenAuthenticationContext.Builder builder = OAuth2AccessTokenAuthenticationContext
.with(this.accessTokenAuthenticationToken);
assertThatThrownBy(() -> builder.accessTokenResponse(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("value cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.accessTokenResponse(null))
.withMessage("value cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AccessTokenAuthenticationTokenTests.java
+15 -16
View File
@@ -30,7 +30,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2AccessTokenAuthenticationToken}.
@@ -54,33 +54,32 @@ public class OAuth2AccessTokenAuthenticationTokenTests {
@Test
public void constructorWhenRegisteredClientNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AccessTokenAuthenticationToken(null, this.clientPrincipal, this.accessToken))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClient cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AccessTokenAuthenticationToken(null, this.clientPrincipal, this.accessToken))
.withMessage("registeredClient cannot be null");
}
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2AccessTokenAuthenticationToken(this.registeredClient, null, this.accessToken))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AccessTokenAuthenticationToken(this.registeredClient, null, this.accessToken))
.withMessage("clientPrincipal cannot be null");
}
@Test
public void constructorWhenAccessTokenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2AccessTokenAuthenticationToken(this.registeredClient, this.clientPrincipal, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("accessToken cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(
() -> new OAuth2AccessTokenAuthenticationToken(this.registeredClient, this.clientPrincipal, null))
.withMessage("accessToken cannot be null");
}
@Test
public void constructorWhenAdditionalParametersNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AccessTokenAuthenticationToken(this.registeredClient, this.clientPrincipal,
this.accessToken, this.refreshToken, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("additionalParameters cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AccessTokenAuthenticationToken(this.registeredClient, this.clientPrincipal,
this.accessToken, this.refreshToken, null))
.withMessage("additionalParameters cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java
+43 -43
View File
@@ -88,7 +88,7 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.entry;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
@@ -168,16 +168,16 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationCodeAuthenticationProvider(null, this.tokenGenerator))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeAuthenticationProvider(null, this.tokenGenerator))
.withMessage("authorizationService cannot be null");
}
@Test
public void constructorWhenTokenGeneratorNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationCodeAuthenticationProvider(this.authorizationService, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenGenerator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeAuthenticationProvider(this.authorizationService, null))
.withMessage("tokenGenerator cannot be null");
}
@Test
@@ -187,9 +187,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
@Test
public void setSessionRegistryWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setSessionRegistry(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("sessionRegistry cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setSessionRegistry(null))
.withMessage("sessionRegistry cannot be null");
}
@Test
@@ -199,9 +199,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
registeredClient.getClientSecret());
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
AUTHORIZATION_CODE, clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -214,9 +214,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
registeredClient.getClientSecret(), null);
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
AUTHORIZATION_CODE, clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -228,9 +228,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
ClientAuthenticationMethod.CLIENT_SECRET_BASIC, registeredClient.getClientSecret());
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
AUTHORIZATION_CODE, clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
}
@@ -246,9 +246,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
ClientAuthenticationMethod.CLIENT_SECRET_BASIC, registeredClient.getClientSecret());
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
AUTHORIZATION_CODE, clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
@@ -273,9 +273,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
.getAttribute(OAuth2AuthorizationRequest.class.getName());
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri() + "-invalid", null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
}
@@ -299,9 +299,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
@@ -332,9 +332,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
@@ -360,9 +360,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
}
@@ -391,9 +391,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
}
}).given(this.tokenGenerator).generate(any());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription()).contains("The token generator failed to generate the access token.");
@@ -427,9 +427,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
}
}).given(this.tokenGenerator).generate(any());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription())
@@ -463,9 +463,9 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
}
}).given(this.tokenGenerator).generate(any());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription()).contains("The token generator failed to generate the ID token.");
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationTokenTests.java
+14 -15
View File
@@ -27,7 +27,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2AuthorizationCodeAuthenticationToken}.
@@ -50,18 +50,17 @@ public class OAuth2AuthorizationCodeAuthenticationTokenTests {
@Test
public void constructorWhenCodeNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationCodeAuthenticationToken(null, this.clientPrincipal,
this.redirectUri, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("code cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeAuthenticationToken(null, this.clientPrincipal,
this.redirectUri, null))
.withMessage("code cannot be empty");
}
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2AuthorizationCodeAuthenticationToken(this.code, null, this.redirectUri, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeAuthenticationToken(this.code, null, this.redirectUri, null))
.withMessage("clientPrincipal cannot be null");
}
@Test
@@ -80,12 +79,12 @@ public class OAuth2AuthorizationCodeAuthenticationTokenTests {
public void getAdditionalParametersWhenUpdateThenThrowUnsupportedOperationException() {
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(
this.code, this.clientPrincipal, this.redirectUri, this.additionalParameters);
assertThatThrownBy(() -> authentication.getAdditionalParameters().put("another_key", 1))
.isInstanceOf(UnsupportedOperationException.class);
assertThatThrownBy(() -> authentication.getAdditionalParameters().remove("some_key"))
.isInstanceOf(UnsupportedOperationException.class);
assertThatThrownBy(() -> authentication.getAdditionalParameters().clear())
.isInstanceOf(UnsupportedOperationException.class);
assertThatExceptionOfType(UnsupportedOperationException.class)
.isThrownBy(() -> authentication.getAdditionalParameters().put("another_key", 1));
assertThatExceptionOfType(UnsupportedOperationException.class)
.isThrownBy(() -> authentication.getAdditionalParameters().remove("some_key"));
assertThatExceptionOfType(UnsupportedOperationException.class)
.isThrownBy(() -> authentication.getAdditionalParameters().clear());
}
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProviderTests.java
+94 -97
View File
@@ -32,6 +32,7 @@ import org.mockito.ArgumentCaptor;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
@@ -57,7 +58,7 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
import org.springframework.util.StringUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
@@ -106,28 +107,27 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
@Test
public void constructorWhenRegisteredClientRepositoryNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationProvider(null,
this.authorizationService, this.authorizationConsentService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationProvider(null, this.authorizationService,
this.authorizationConsentService))
.withMessage("registeredClientRepository cannot be null");
}
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2AuthorizationCodeRequestAuthenticationProvider(this.registeredClientRepository, null,
this.authorizationConsentService))
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationProvider(this.registeredClientRepository,
null, this.authorizationConsentService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
.withMessage("authorizationService cannot be null");
}
@Test
public void constructorWhenAuthorizationConsentServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2AuthorizationCodeRequestAuthenticationProvider(this.registeredClientRepository,
this.authorizationService, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationConsentService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationProvider(this.registeredClientRepository,
this.authorizationService, null))
.withMessage("authorizationConsentService cannot be null");
}
@Test
@@ -138,23 +138,24 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
@Test
public void setAuthorizationCodeGeneratorWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setAuthorizationCodeGenerator(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationCodeGenerator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setAuthorizationCodeGenerator(null))
.withMessage("authorizationCodeGenerator cannot be null");
}
@Test
public void setAuthenticationValidatorWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setAuthenticationValidator(null))
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setAuthenticationValidator(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationValidator cannot be null");
.withMessage("authenticationValidator cannot be null");
}
@Test
public void setAuthorizationConsentRequiredWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setAuthorizationConsentRequired(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationConsentRequired cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setAuthorizationConsentRequired(null))
.withMessage("authorizationConsentRequired cannot be null");
}
@Test
@@ -164,10 +165,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.CLIENT_ID, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.CLIENT_ID, null));
}
// gh-243
@@ -179,10 +180,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, "https:///invalid", STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
// gh-243
@@ -194,10 +195,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, "https://example.com#fragment",
STATE, registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
@Test
@@ -208,10 +209,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, "https://invalid-example.com", STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
// gh-243
@@ -262,10 +263,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, null, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
@Test
@@ -277,10 +278,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, null, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
@Test
@@ -295,11 +296,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.UNAUTHORIZED_CLIENT, OAuth2ParameterNames.CLIENT_ID,
authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.UNAUTHORIZED_CLIENT,
OAuth2ParameterNames.CLIENT_ID, authentication.getRedirectUri()));
}
@Test
@@ -311,10 +311,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
Collections.singleton("invalid-scope"), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_SCOPE, OAuth2ParameterNames.SCOPE, authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_SCOPE,
OAuth2ParameterNames.SCOPE, authentication.getRedirectUri()));
}
@Test
@@ -328,11 +328,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, PkceParameterNames.CODE_CHALLENGE,
authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
PkceParameterNames.CODE_CHALLENGE, authentication.getRedirectUri()));
}
@Test
@@ -347,11 +346,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, PkceParameterNames.CODE_CHALLENGE_METHOD,
authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
PkceParameterNames.CODE_CHALLENGE_METHOD, authentication.getRedirectUri()));
}
// gh-770
@@ -366,11 +364,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, PkceParameterNames.CODE_CHALLENGE_METHOD,
authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
PkceParameterNames.CODE_CHALLENGE_METHOD, authentication.getRedirectUri()));
}
@Test
@@ -402,10 +399,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, "prompt", authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST, "prompt",
authentication.getRedirectUri()));
}
@Test
@@ -420,10 +417,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
"login_required", "prompt", authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, "login_required", "prompt",
authentication.getRedirectUri()));
}
@Test
@@ -459,10 +456,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
"consent_required", "prompt", authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, "consent_required", "prompt",
authentication.getRedirectUri()));
}
@Test
@@ -655,10 +652,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, null, null, null,
Collections.singletonMap(OAuth2ParameterNames.REQUEST_URI, "invalid_request_uri"));
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REQUEST_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REQUEST_URI, null));
}
@Test
@@ -680,10 +677,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
AUTHORIZATION_URI, anotherRegisteredClient.getClientId(), this.principal, null, null, null,
additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.CLIENT_ID, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.CLIENT_ID, null));
}
@Test
@@ -704,10 +701,10 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, null, null, null,
additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REQUEST_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REQUEST_URI, null));
verify(this.authorizationService).remove(eq(authorization));
}
@@ -726,9 +723,9 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthorizationCodeRequestAuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription())
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationTokenTests.java
+17 -17
View File
@@ -30,7 +30,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2AuthorizationCodeRequestAuthenticationToken}.
@@ -51,34 +51,34 @@ public class OAuth2AuthorizationCodeRequestAuthenticationTokenTests {
@Test
public void constructorWhenAuthorizationUriNotProvidedThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationToken(null,
REGISTERED_CLIENT.getClientId(), PRINCIPAL, null, null, (Set<String>) null, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationUri cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationToken(null,
REGISTERED_CLIENT.getClientId(), PRINCIPAL, null, null, (Set<String>) null, null))
.withMessage("authorizationUri cannot be empty");
}
@Test
public void constructorWhenClientIdNotProvidedThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationToken(AUTHORIZATION_URI, null,
PRINCIPAL, null, null, (Set<String>) null, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientId cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationToken(AUTHORIZATION_URI, null, PRINCIPAL,
null, null, (Set<String>) null, null))
.withMessage("clientId cannot be empty");
}
@Test
public void constructorWhenPrincipalNotProvidedThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationToken(AUTHORIZATION_URI,
REGISTERED_CLIENT.getClientId(), null, null, null, (Set<String>) null, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("principal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationToken(AUTHORIZATION_URI,
REGISTERED_CLIENT.getClientId(), null, null, null, (Set<String>) null, null))
.withMessage("principal cannot be null");
}
@Test
public void constructorWhenAuthorizationCodeNotProvidedThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationToken(AUTHORIZATION_URI,
REGISTERED_CLIENT.getClientId(), PRINCIPAL, null, null, null, (Set<String>) null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationCode cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationCodeRequestAuthenticationToken(AUTHORIZATION_URI,
REGISTERED_CLIENT.getClientId(), PRINCIPAL, null, null, null, (Set<String>) null))
.withMessage("authorizationCode cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationContextTests.java
+17 -17
View File
@@ -29,7 +29,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2AuthorizationConsentAuthenticationContext}.
@@ -58,9 +58,9 @@ public class OAuth2AuthorizationConsentAuthenticationContextTests {
@Test
public void withWhenAuthenticationNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2AuthorizationConsentAuthenticationContext.with(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authentication cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> OAuth2AuthorizationConsentAuthenticationContext.with(null))
.withMessage("authentication cannot be null");
}
@Test
@@ -68,11 +68,11 @@ public class OAuth2AuthorizationConsentAuthenticationContextTests {
OAuth2AuthorizationConsentAuthenticationContext.Builder builder = OAuth2AuthorizationConsentAuthenticationContext
.with(this.authorizationConsentAuthentication);
assertThatThrownBy(() -> builder.authorizationConsent(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.registeredClient(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.authorization(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.authorizationRequest(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.put(null, "")).isInstanceOf(IllegalArgumentException.class);
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.authorizationConsent(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.registeredClient(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.authorization(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.authorizationRequest(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.put(null, ""));
}
@Test
@@ -80,20 +80,20 @@ public class OAuth2AuthorizationConsentAuthenticationContextTests {
OAuth2AuthorizationConsentAuthenticationContext.Builder builder = OAuth2AuthorizationConsentAuthenticationContext
.with(this.authorizationConsentAuthentication);
assertThatThrownBy(builder::build).isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationConsentBuilder cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(builder::build)
.withMessage("authorizationConsentBuilder cannot be null");
builder.authorizationConsent(this.authorizationConsentBuilder);
assertThatThrownBy(builder::build).isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClient cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(builder::build)
.withMessage("registeredClient cannot be null");
builder.registeredClient(this.registeredClient);
assertThatThrownBy(builder::build).isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorization cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(builder::build)
.withMessage("authorization cannot be null");
builder.authorization(this.authorization);
assertThatThrownBy(builder::build).isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationRequest cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(builder::build)
.withMessage("authorizationRequest cannot be null");
builder.authorizationRequest(this.authorizationRequest);
builder.build();
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationProviderTests.java
+51 -53
View File
@@ -47,7 +47,7 @@ import org.springframework.security.oauth2.server.authorization.context.TestAuth
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
@@ -97,26 +97,26 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
@Test
public void constructorWhenRegisteredClientRepositoryNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationConsentAuthenticationProvider(null, this.authorizationService,
this.authorizationConsentService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationConsentAuthenticationProvider(null, this.authorizationService,
this.authorizationConsentService))
.withMessage("registeredClientRepository cannot be null");
}
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationConsentAuthenticationProvider(this.registeredClientRepository,
null, this.authorizationConsentService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationConsentAuthenticationProvider(this.registeredClientRepository,
null, this.authorizationConsentService))
.withMessage("authorizationService cannot be null");
}
@Test
public void constructorWhenAuthorizationConsentServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationConsentAuthenticationProvider(this.registeredClientRepository,
this.authorizationService, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationConsentService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationConsentAuthenticationProvider(this.registeredClientRepository,
this.authorizationService, null))
.withMessage("authorizationConsentService cannot be null");
}
@Test
@@ -126,16 +126,16 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
@Test
public void setAuthorizationCodeGeneratorWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setAuthorizationCodeGenerator(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationCodeGenerator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setAuthorizationCodeGenerator(null))
.withMessage("authorizationCodeGenerator cannot be null");
}
@Test
public void setAuthorizationConsentCustomizerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setAuthorizationConsentCustomizer(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationConsentCustomizer cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setAuthorizationConsentCustomizer(null))
.withMessage("authorizationConsentCustomizer cannot be null");
}
@Test
@@ -147,10 +147,10 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
given(this.authorizationService.findByToken(eq(authentication.getState()), eq(STATE_TOKEN_TYPE)))
.willReturn(null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.STATE, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.STATE, null));
}
@Test
@@ -166,10 +166,10 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
.willReturn(authorization);
this.principal.setAuthenticated(false);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.STATE, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.STATE, null));
}
@Test
@@ -184,10 +184,10 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
given(this.authorizationService.findByToken(eq(authentication.getState()), eq(STATE_TOKEN_TYPE)))
.willReturn(authorization);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.STATE, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.STATE, null));
}
@Test
@@ -202,10 +202,10 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
AUTHORIZATION_URI, otherRegisteredClient.getClientId(), this.principal, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.CLIENT_ID, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.CLIENT_ID, null));
}
@Test
@@ -222,10 +222,10 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, STATE, registeredClient.getScopes(),
null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.CLIENT_ID, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.CLIENT_ID, null));
}
@Test
@@ -245,10 +245,10 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
given(this.authorizationService.findByToken(eq(authentication.getState()), eq(STATE_TOKEN_TYPE)))
.willReturn(authorization);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_SCOPE, OAuth2ParameterNames.SCOPE, authorizationRequest.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_SCOPE,
OAuth2ParameterNames.SCOPE, authorizationRequest.getRedirectUri()));
}
@Test
@@ -269,11 +269,10 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
OAuth2AuthorizationRequest authorizationRequest = authorization
.getAttribute(OAuth2AuthorizationRequest.class.getName());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.ACCESS_DENIED, OAuth2ParameterNames.CLIENT_ID,
authorizationRequest.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.ACCESS_DENIED,
OAuth2ParameterNames.CLIENT_ID, authorizationRequest.getRedirectUri()));
verify(this.authorizationService).remove(eq(authorization));
}
@@ -423,11 +422,10 @@ public class OAuth2AuthorizationConsentAuthenticationProviderTests {
(authorizationConsentContext) -> authorizationConsentContext.getAuthorizationConsent()
.authorities(Set::clear));
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.ACCESS_DENIED, OAuth2ParameterNames.CLIENT_ID,
authorizationRequest.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.ACCESS_DENIED,
OAuth2ParameterNames.CLIENT_ID, authorizationRequest.getRedirectUri()));
verify(this.authorizationConsentService).remove(eq(previousAuthorizationConsent));
verify(this.authorizationService).remove(eq(authorization));
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientAuthenticationTokenTests.java
+12 -12
View File
@@ -23,7 +23,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2ClientAuthenticationToken}.
@@ -35,25 +35,25 @@ public class OAuth2ClientAuthenticationTokenTests {
@Test
public void constructorWhenClientIdNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientAuthenticationToken(null,
ClientAuthenticationMethod.CLIENT_SECRET_BASIC, "secret", null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientId cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2ClientAuthenticationToken(null, ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
"secret", null))
.withMessage("clientId cannot be empty");
}
@Test
public void constructorWhenClientAuthenticationMethodNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientAuthenticationToken("clientId", null, "clientSecret", null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientAuthenticationMethod cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2ClientAuthenticationToken("clientId", null, "clientSecret", null))
.withMessage("clientAuthenticationMethod cannot be null");
}
@Test
public void constructorWhenRegisteredClientNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientAuthenticationToken(null,
ClientAuthenticationMethod.CLIENT_SECRET_BASIC, "clientSecret"))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClient cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2ClientAuthenticationToken(null, ClientAuthenticationMethod.CLIENT_SECRET_BASIC,
"clientSecret"))
.withMessage("registeredClient cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java
+25 -25
View File
@@ -70,7 +70,7 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.doReturn;
@@ -137,16 +137,16 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests {
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientCredentialsAuthenticationProvider(null, this.tokenGenerator))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2ClientCredentialsAuthenticationProvider(null, this.tokenGenerator))
.withMessage("authorizationService cannot be null");
}
@Test
public void constructorWhenTokenGeneratorNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientCredentialsAuthenticationProvider(this.authorizationService, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenGenerator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2ClientCredentialsAuthenticationProvider(this.authorizationService, null))
.withMessage("tokenGenerator cannot be null");
}
@Test
@@ -161,9 +161,9 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests {
@Test
public void setAuthenticationValidatorWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setAuthenticationValidator(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationValidator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setAuthenticationValidator(null))
.withMessage("authenticationValidator cannot be null");
}
@Test
@@ -174,9 +174,9 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests {
OAuth2ClientCredentialsAuthenticationToken authentication = new OAuth2ClientCredentialsAuthenticationToken(
clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -190,9 +190,9 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests {
OAuth2ClientCredentialsAuthenticationToken authentication = new OAuth2ClientCredentialsAuthenticationToken(
clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -207,9 +207,9 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests {
OAuth2ClientCredentialsAuthenticationToken authentication = new OAuth2ClientCredentialsAuthenticationToken(
clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
}
@@ -222,9 +222,9 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests {
OAuth2ClientCredentialsAuthenticationToken authentication = new OAuth2ClientCredentialsAuthenticationToken(
clientPrincipal, Collections.singleton("invalid-scope"), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_SCOPE);
}
@@ -270,9 +270,9 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests {
doReturn(null).when(this.tokenGenerator).generate(any());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription()).contains("The token generator failed to generate the access token.");
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationTokenTests.java
+5 -5
View File
@@ -28,7 +28,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2ClientCredentialsAuthenticationToken}.
@@ -49,10 +49,10 @@ public class OAuth2ClientCredentialsAuthenticationTokenTests {
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2ClientCredentialsAuthenticationToken(null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(
() -> new OAuth2ClientCredentialsAuthenticationToken(null, this.scopes, this.additionalParameters))
.withMessage("clientPrincipal cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2PushedAuthorizationRequestAuthenticationProviderTests.java
+50 -55
View File
@@ -44,7 +44,6 @@ import org.springframework.security.oauth2.server.authorization.settings.ClientS
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
@@ -73,9 +72,9 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2PushedAuthorizationRequestAuthenticationProvider(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2PushedAuthorizationRequestAuthenticationProvider(null))
.withMessage("authorizationService cannot be null");
}
@Test
@@ -86,9 +85,9 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
@Test
public void setAuthenticationValidatorWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setAuthenticationValidator(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationValidator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setAuthenticationValidator(null))
.withMessage("authenticationValidator cannot be null");
}
@Test
@@ -121,11 +120,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, redirectUri, null,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.UNAUTHORIZED_CLIENT, OAuth2ParameterNames.CLIENT_ID,
authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.UNAUTHORIZED_CLIENT,
OAuth2ParameterNames.CLIENT_ID, authentication.getRedirectUri()));
}
@Test
@@ -136,10 +134,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, "https:///invalid", STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
@Test
@@ -150,10 +148,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, "https://example.com#fragment",
STATE, registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
@Test
@@ -164,10 +162,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, "https://invalid-example.com",
STATE, registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
@Test
@@ -210,10 +208,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, null, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
@Test
@@ -225,10 +223,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, null, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.REDIRECT_URI, null));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
OAuth2ParameterNames.REDIRECT_URI, null));
}
@Test
@@ -240,10 +238,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, redirectUri, STATE,
Collections.singleton("invalid-scope"), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_SCOPE, OAuth2ParameterNames.SCOPE, authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_SCOPE,
OAuth2ParameterNames.SCOPE, authentication.getRedirectUri()));
}
@Test
@@ -257,11 +255,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, redirectUri, STATE,
registeredClient.getScopes(), null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, PkceParameterNames.CODE_CHALLENGE,
authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
PkceParameterNames.CODE_CHALLENGE, authentication.getRedirectUri()));
}
@Test
@@ -276,11 +273,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, redirectUri, STATE,
registeredClient.getScopes(), additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, PkceParameterNames.CODE_CHALLENGE_METHOD,
authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
PkceParameterNames.CODE_CHALLENGE_METHOD, authentication.getRedirectUri()));
}
@Test
@@ -294,11 +290,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, redirectUri, STATE,
registeredClient.getScopes(), additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, PkceParameterNames.CODE_CHALLENGE_METHOD,
authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST,
PkceParameterNames.CODE_CHALLENGE_METHOD, authentication.getRedirectUri()));
}
@Test
@@ -330,10 +325,10 @@ public class OAuth2PushedAuthorizationRequestAuthenticationProviderTests {
OAuth2PushedAuthorizationRequestAuthenticationToken authentication = new OAuth2PushedAuthorizationRequestAuthenticationToken(
AUTHORIZATION_URI, registeredClient.getClientId(), clientPrincipal, redirectUri, STATE,
registeredClient.getScopes(), additionalParameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.satisfies((ex) -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex,
OAuth2ErrorCodes.INVALID_REQUEST, "prompt", authentication.getRedirectUri()));
assertThatExceptionOfType(OAuth2AuthorizationCodeRequestAuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.satisfies((ex) -> assertAuthenticationException(ex, OAuth2ErrorCodes.INVALID_REQUEST, "prompt",
authentication.getRedirectUri()));
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProviderTests.java
+39 -39
View File
@@ -80,7 +80,7 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.entry;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
@@ -154,17 +154,17 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2RefreshTokenAuthenticationProvider(null, this.tokenGenerator))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2RefreshTokenAuthenticationProvider(null, this.tokenGenerator))
.extracting(Throwable::getMessage)
.isEqualTo("authorizationService cannot be null");
}
@Test
public void constructorWhenTokenGeneratorNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2RefreshTokenAuthenticationProvider(this.authorizationService, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenGenerator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2RefreshTokenAuthenticationProvider(this.authorizationService, null))
.withMessage("tokenGenerator cannot be null");
}
@Test
@@ -391,9 +391,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(
authorization.getRefreshToken().getToken().getTokenValue(), clientPrincipal, requestedScopes, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_SCOPE);
}
@@ -406,9 +406,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken("invalid",
clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
}
@@ -421,9 +421,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(
"refresh-token", clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -437,9 +437,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(
"refresh-token", clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -458,9 +458,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(
authorization.getRefreshToken().getToken().getTokenValue(), clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
}
@@ -480,9 +480,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(
authorization.getRefreshToken().getToken().getTokenValue(), clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
}
@@ -503,9 +503,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(
authorization.getRefreshToken().getToken().getTokenValue(), clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
}
@@ -527,9 +527,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(
authorization.getRefreshToken().getToken().getTokenValue(), clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
}
@@ -557,9 +557,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
}
}).given(this.tokenGenerator).generate(any());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription()).contains("The token generator failed to generate the access token.");
@@ -591,9 +591,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
}
}).given(this.tokenGenerator).generate(any());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription())
@@ -624,9 +624,9 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
}
}).given(this.tokenGenerator).generate(any());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription()).contains("The token generator failed to generate the ID token.");
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationTokenTests.java
+13 -13
View File
@@ -28,7 +28,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2RefreshTokenAuthenticationToken}.
@@ -49,22 +49,22 @@ public class OAuth2RefreshTokenAuthenticationTokenTests {
@Test
public void constructorWhenRefreshTokenNullOrEmptyThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2RefreshTokenAuthenticationToken(null, this.clientPrincipal, this.scopes,
this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("refreshToken cannot be empty");
assertThatThrownBy(() -> new OAuth2RefreshTokenAuthenticationToken("", this.clientPrincipal, this.scopes,
this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("refreshToken cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2RefreshTokenAuthenticationToken(null, this.clientPrincipal, this.scopes,
this.additionalParameters))
.withMessage("refreshToken cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2RefreshTokenAuthenticationToken("", this.clientPrincipal, this.scopes,
this.additionalParameters))
.withMessage("refreshToken cannot be empty");
}
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2RefreshTokenAuthenticationToken("refresh-token", null, this.scopes,
this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2RefreshTokenAuthenticationToken("refresh-token", null, this.scopes,
this.additionalParameters))
.withMessage("clientPrincipal cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationTokenTests.java
+15 -22
View File
@@ -28,7 +28,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2TokenExchangeAuthenticationToken}.
@@ -62,45 +62,38 @@ public class OAuth2TokenExchangeAuthenticationTokenTests {
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(null, null, null, null, null, null, null, null, null, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(null, null, null, null, null, null, null, null, null, this.additionalParameters))
.withMessage("clientPrincipal cannot be null");
// @formatter:on
}
@Test
public void constructorWhenRequestedTokenTypeNullOrEmptyThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(null, null, null, this.clientPrincipal, null, null, null, null, null, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("requestedTokenType cannot be empty");
assertThatThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken("", null, null, this.clientPrincipal, null, null, null, null, null, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("requestedTokenType cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(null, null, null, this.clientPrincipal, null, null, null, null, null, this.additionalParameters))
.withMessage("requestedTokenType cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken("", null, null, this.clientPrincipal, null, null, null, null, null, this.additionalParameters))
.withMessage("requestedTokenType cannot be empty");
// @formatter:on
}
@Test
public void constructorWhenSubjectTokenNullOrEmptyThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(JWT_TOKEN_TYPE_VALUE, null, null, this.clientPrincipal, null, null, null, null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("subjectToken cannot be empty");
assertThatThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(JWT_TOKEN_TYPE_VALUE, "", null, this.clientPrincipal, null, null, null, null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("subjectToken cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(JWT_TOKEN_TYPE_VALUE, null, null, this.clientPrincipal, null, null, null, null, this.scopes, this.additionalParameters))
.withMessage("subjectToken cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(JWT_TOKEN_TYPE_VALUE, "", null, this.clientPrincipal, null, null, null, null, this.scopes, this.additionalParameters))
.withMessage("subjectToken cannot be empty");
// @formatter:on
}
@Test
public void constructorWhenSubjectTokenTypeNullOrEmptyThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(JWT_TOKEN_TYPE_VALUE, SUBJECT_TOKEN, null, this.clientPrincipal, null, null, null, null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("subjectTokenType cannot be empty");
assertThatThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(JWT_TOKEN_TYPE_VALUE, SUBJECT_TOKEN, "", this.clientPrincipal, null, null, null, null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("subjectTokenType cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(JWT_TOKEN_TYPE_VALUE, SUBJECT_TOKEN, null, this.clientPrincipal, null, null, null, null, this.scopes, this.additionalParameters))
.withMessage("subjectTokenType cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new OAuth2TokenExchangeAuthenticationToken(JWT_TOKEN_TYPE_VALUE, SUBJECT_TOKEN, "", this.clientPrincipal, null, null, null, null, this.scopes, this.additionalParameters))
.withMessage("subjectTokenType cannot be empty");
// @formatter:on
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationProviderTests.java
+13 -14
View File
@@ -44,7 +44,7 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenClaimsSet;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.ArgumentMatchers.isNull;
import static org.mockito.BDDMockito.given;
@@ -75,17 +75,16 @@ public class OAuth2TokenIntrospectionAuthenticationProviderTests {
@Test
public void constructorWhenRegisteredClientRepositoryNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationProvider(null, this.authorizationService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationProvider(null, this.authorizationService))
.withMessage("registeredClientRepository cannot be null");
}
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2TokenIntrospectionAuthenticationProvider(this.registeredClientRepository, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationProvider(this.registeredClientRepository, null))
.withMessage("authorizationService cannot be null");
}
@Test
@@ -102,9 +101,9 @@ public class OAuth2TokenIntrospectionAuthenticationProviderTests {
OAuth2TokenIntrospectionAuthenticationToken authentication = new OAuth2TokenIntrospectionAuthenticationToken(
"token", clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -119,9 +118,9 @@ public class OAuth2TokenIntrospectionAuthenticationProviderTests {
OAuth2TokenIntrospectionAuthenticationToken authentication = new OAuth2TokenIntrospectionAuthenticationToken(
"token", clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationTokenTests.java
+17 -19
View File
@@ -28,7 +28,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2TokenIntrospectionAuthenticationToken}.
@@ -49,40 +49,38 @@ public class OAuth2TokenIntrospectionAuthenticationTokenTests {
@Test
public void constructorWhenTokenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2TokenIntrospectionAuthenticationToken(null, this.clientPrincipal, null, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("token cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationToken(null, this.clientPrincipal, null, null))
.withMessage("token cannot be empty");
}
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationToken(this.token, null, null, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationToken(this.token, null, null, null))
.withMessage("clientPrincipal cannot be null");
}
@Test
public void constructorWhenAuthenticatedAndTokenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2TokenIntrospectionAuthenticationToken(null, this.clientPrincipal, this.tokenClaims))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("token cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(
() -> new OAuth2TokenIntrospectionAuthenticationToken(null, this.clientPrincipal, this.tokenClaims))
.withMessage("token cannot be empty");
}
@Test
public void constructorWhenAuthenticatedAndClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationToken(this.token, null, this.tokenClaims))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationToken(this.token, null, this.tokenClaims))
.withMessage("clientPrincipal cannot be null");
}
@Test
public void constructorWhenAuthenticatedAndTokenClaimsNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2TokenIntrospectionAuthenticationToken(this.token, this.clientPrincipal, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenClaims cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenIntrospectionAuthenticationToken(this.token, this.clientPrincipal, null))
.withMessage("tokenClaims cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationProviderTests.java
+13 -13
View File
@@ -34,7 +34,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.ArgumentMatchers.isNull;
@@ -63,9 +63,9 @@ public class OAuth2TokenRevocationAuthenticationProviderTests {
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenRevocationAuthenticationProvider(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenRevocationAuthenticationProvider(null))
.withMessage("authorizationService cannot be null");
}
@Test
@@ -80,9 +80,9 @@ public class OAuth2TokenRevocationAuthenticationProviderTests {
registeredClient.getClientSecret());
OAuth2TokenRevocationAuthenticationToken authentication = new OAuth2TokenRevocationAuthenticationToken("token",
clientPrincipal, OAuth2TokenType.ACCESS_TOKEN.getValue());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -95,9 +95,9 @@ public class OAuth2TokenRevocationAuthenticationProviderTests {
registeredClient.getClientSecret(), null);
OAuth2TokenRevocationAuthenticationToken authentication = new OAuth2TokenRevocationAuthenticationToken("token",
clientPrincipal, OAuth2TokenType.ACCESS_TOKEN.getValue());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
@@ -128,9 +128,9 @@ public class OAuth2TokenRevocationAuthenticationProviderTests {
OAuth2TokenRevocationAuthenticationToken authentication = new OAuth2TokenRevocationAuthenticationToken("token",
clientPrincipal, OAuth2TokenType.ACCESS_TOKEN.getValue());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationTokenTests.java
+14 -14
View File
@@ -28,7 +28,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2TokenRevocationAuthenticationToken}.
@@ -52,31 +52,31 @@ public class OAuth2TokenRevocationAuthenticationTokenTests {
@Test
public void constructorWhenTokenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(
() -> new OAuth2TokenRevocationAuthenticationToken(null, this.clientPrincipal, this.tokenTypeHint))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("token cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(
() -> new OAuth2TokenRevocationAuthenticationToken(null, this.clientPrincipal, this.tokenTypeHint))
.withMessage("token cannot be empty");
}
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenRevocationAuthenticationToken(this.token, null, this.tokenTypeHint))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenRevocationAuthenticationToken(this.token, null, this.tokenTypeHint))
.withMessage("clientPrincipal cannot be null");
}
@Test
public void constructorWhenRevokedTokenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenRevocationAuthenticationToken(null, this.clientPrincipal))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("revokedToken cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenRevocationAuthenticationToken(null, this.clientPrincipal))
.withMessage("revokedToken cannot be null");
}
@Test
public void constructorWhenRevokedTokenAndClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenRevocationAuthenticationToken(this.accessToken, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenRevocationAuthenticationToken(this.accessToken, null))
.withMessage("clientPrincipal cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/PublicClientAuthenticationProviderTests.java
+28 -28
View File
@@ -37,7 +37,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -76,16 +76,16 @@ public class PublicClientAuthenticationProviderTests {
@Test
public void constructorWhenRegisteredClientRepositoryNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new PublicClientAuthenticationProvider(null, this.authorizationService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new PublicClientAuthenticationProvider(null, this.authorizationService))
.withMessage("registeredClientRepository cannot be null");
}
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new PublicClientAuthenticationProvider(this.registeredClientRepository, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new PublicClientAuthenticationProvider(this.registeredClientRepository, null))
.withMessage("authorizationService cannot be null");
}
@Test
@@ -101,9 +101,9 @@ public class PublicClientAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId() + "-invalid", ClientAuthenticationMethod.NONE, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_ID);
@@ -118,9 +118,9 @@ public class PublicClientAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("authentication_method");
@@ -145,9 +145,9 @@ public class PublicClientAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, parameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CODE);
@@ -169,9 +169,9 @@ public class PublicClientAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, parameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
assertThat(error.getDescription()).contains(PkceParameterNames.CODE_CHALLENGE);
@@ -195,9 +195,9 @@ public class PublicClientAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, parameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
assertThat(error.getDescription()).contains(PkceParameterNames.CODE_VERIFIER);
@@ -221,9 +221,9 @@ public class PublicClientAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, parameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
assertThat(error.getDescription()).contains(PkceParameterNames.CODE_VERIFIER);
@@ -276,9 +276,9 @@ public class PublicClientAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.NONE, null, parameters);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProviderTests.java
+34 -34
View File
@@ -54,7 +54,7 @@ import org.springframework.security.oauth2.server.authorization.settings.ClientS
import org.springframework.security.oauth2.server.authorization.util.TestX509Certificates;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -123,23 +123,23 @@ public class X509ClientCertificateAuthenticationProviderTests {
@Test
public void constructorWhenRegisteredClientRepositoryNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new X509ClientCertificateAuthenticationProvider(null, this.authorizationService))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("registeredClientRepository cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new X509ClientCertificateAuthenticationProvider(null, this.authorizationService))
.withMessage("registeredClientRepository cannot be null");
}
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new X509ClientCertificateAuthenticationProvider(this.registeredClientRepository, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new X509ClientCertificateAuthenticationProvider(this.registeredClientRepository, null))
.withMessage("authorizationService cannot be null");
}
@Test
public void setCertificateVerifierWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setCertificateVerifier(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("certificateVerifier cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setCertificateVerifier(null))
.withMessage("certificateVerifier cannot be null");
}
@Test
@@ -160,9 +160,9 @@ public class X509ClientCertificateAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId() + "-invalid", ClientAuthenticationMethod.TLS_CLIENT_AUTH,
TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_ID);
@@ -178,9 +178,9 @@ public class X509ClientCertificateAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH,
TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("authentication_method");
@@ -199,9 +199,9 @@ public class X509ClientCertificateAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("credentials");
@@ -226,9 +226,9 @@ public class X509ClientCertificateAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH,
TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("x509_certificate_subject_dn");
@@ -284,9 +284,9 @@ public class X509ClientCertificateAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("x509_certificate_issuer");
@@ -306,9 +306,9 @@ public class X509ClientCertificateAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("client_jwk_set_url");
@@ -333,9 +333,9 @@ public class X509ClientCertificateAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains("jwk_set_uri");
@@ -414,9 +414,9 @@ public class X509ClientCertificateAuthenticationProviderTests {
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting((ex) -> ex.getError())
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).contains(expectedErrorDescription);
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/client/RegisteredClientTests.java
+24 -24
View File
@@ -29,7 +29,7 @@ import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link RegisteredClient}.
@@ -57,13 +57,13 @@ public class RegisteredClientTests {
@Test
public void buildWhenAuthorizationGrantTypesNotSetThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.redirectUris((redirectUris) -> redirectUris.addAll(REDIRECT_URIS))
.scopes((scopes) -> scopes.addAll(SCOPES))
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
@@ -100,35 +100,35 @@ public class RegisteredClientTests {
@Test
public void buildWhenIdIsNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(null)).isInstanceOf(IllegalArgumentException.class);
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(null));
}
@Test
public void buildWhenClientIdIsNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(null)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.redirectUris((redirectUris) -> redirectUris.addAll(REDIRECT_URIS))
.scopes((scopes) -> scopes.addAll(SCOPES))
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
public void buildWhenRedirectUrisNotProvidedThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.scopes((scopes) -> scopes.addAll(SCOPES))
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
public void buildWhenRedirectUrisConsumerClearsSetThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
@@ -136,7 +136,7 @@ public class RegisteredClientTests {
.redirectUri("https://example.com")
.redirectUris(Set::clear)
.scopes((scopes) -> scopes.addAll(SCOPES))
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
@@ -180,66 +180,66 @@ public class RegisteredClientTests {
@Test
public void buildWhenScopeContainsSpaceThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.redirectUris((redirectUris) -> redirectUris.addAll(REDIRECT_URIS))
.scope("openid profile")
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
public void buildWhenScopeContainsInvalidCharacterThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.redirectUris((redirectUris) -> redirectUris.addAll(REDIRECT_URIS))
.scope("an\"invalid\"scope")
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
public void buildWhenRedirectUriInvalidThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.redirectUri("invalid URI")
.scopes((scopes) -> scopes.addAll(SCOPES))
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
public void buildWhenRedirectUriContainsFragmentThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.redirectUri("https://example.com/page#fragment")
.scopes((scopes) -> scopes.addAll(SCOPES))
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
public void buildWhenPostLogoutRedirectUriInvalidThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.redirectUris((redirectUris) -> redirectUris.addAll(REDIRECT_URIS))
.postLogoutRedirectUri("invalid URI")
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
public void buildWhenPostLogoutRedirectUriContainsFragmentThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
@@ -247,7 +247,7 @@ public class RegisteredClientTests {
.redirectUri("https://example.com")
.postLogoutRedirectUri("https://example.com/index#fragment")
.scopes((scopes) -> scopes.addAll(SCOPES))
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
@@ -286,7 +286,7 @@ public class RegisteredClientTests {
@Test
public void buildWhenAuthorizationGrantTypesConsumerClearsSetThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> RegisteredClient.withId(ID)
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> RegisteredClient.withId(ID)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
@@ -294,7 +294,7 @@ public class RegisteredClientTests {
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.redirectUris((redirectUris) -> redirectUris.addAll(REDIRECT_URIS))
.scopes((scopes) -> scopes.addAll(SCOPES))
.build()).isInstanceOf(IllegalArgumentException.class);
.build());
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcProviderConfigurationTests.java
+12 -10
View File
@@ -25,6 +25,7 @@ import com.nimbusds.jose.proc.SecurityContext;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -52,7 +53,7 @@ import org.springframework.security.web.SecurityFilterChain;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.ResultMatcher;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.hamcrest.CoreMatchers.hasItems;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
@@ -182,43 +183,44 @@ public class OidcProviderConfigurationTests {
@Test
public void loadContextWhenIssuerNotValidUrlThenThrowException() {
assertThatThrownBy(
assertThatExceptionOfType(BeanCreationException.class).isThrownBy(
() -> this.spring.register(AuthorizationServerConfigurationWithInvalidIssuerUrl.class).autowire());
}
@Test
public void loadContextWhenIssuerNotValidUriThenThrowException() {
assertThatThrownBy(
assertThatExceptionOfType(BeanCreationException.class).isThrownBy(
() -> this.spring.register(AuthorizationServerConfigurationWithInvalidIssuerUri.class).autowire());
}
@Test
public void loadContextWhenIssuerWithQueryThenThrowException() {
assertThatThrownBy(
() -> this.spring.register(AuthorizationServerConfigurationWithIssuerQuery.class).autowire());
assertThatExceptionOfType(BeanCreationException.class)
.isThrownBy(() -> this.spring.register(AuthorizationServerConfigurationWithIssuerQuery.class).autowire());
}
@Test
public void loadContextWhenIssuerWithFragmentThenThrowException() {
assertThatThrownBy(
assertThatExceptionOfType(BeanCreationException.class).isThrownBy(
() -> this.spring.register(AuthorizationServerConfigurationWithIssuerFragment.class).autowire());
}
@Test
public void loadContextWhenIssuerWithQueryAndFragmentThenThrowException() {
assertThatThrownBy(() -> this.spring.register(AuthorizationServerConfigurationWithIssuerQueryAndFragment.class)
.autowire());
assertThatExceptionOfType(BeanCreationException.class)
.isThrownBy(() -> this.spring.register(AuthorizationServerConfigurationWithIssuerQueryAndFragment.class)
.autowire());
}
@Test
public void loadContextWhenIssuerWithEmptyQueryThenThrowException() {
assertThatThrownBy(
assertThatExceptionOfType(BeanCreationException.class).isThrownBy(
() -> this.spring.register(AuthorizationServerConfigurationWithIssuerEmptyQuery.class).autowire());
}
@Test
public void loadContextWhenIssuerWithEmptyFragmentThenThrowException() {
assertThatThrownBy(
assertThatExceptionOfType(BeanCreationException.class).isThrownBy(
() -> this.spring.register(AuthorizationServerConfigurationWithIssuerEmptyFragment.class).autowire());
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/http/converter/OAuth2TokenIntrospectionHttpMessageConverterTests.java
+4 -5
View File
@@ -35,7 +35,6 @@ import org.springframework.security.oauth2.server.authorization.OAuth2TokenIntro
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
/**
* Tests for {@link OAuth2TokenIntrospectionHttpMessageConverter}
@@ -166,10 +165,10 @@ public class OAuth2TokenIntrospectionHttpMessageConverterTests {
MockHttpOutputMessage outputMessage = new MockHttpOutputMessage();
assertThatThrownBy(() -> this.messageConverter.writeInternal(tokenClaims, outputMessage))
.isInstanceOf(HttpMessageNotWritableException.class)
.hasMessageContaining("An error occurred writing the Token Introspection Response")
.hasMessageContaining(errorMessage);
assertThatExceptionOfType(HttpMessageNotWritableException.class)
.isThrownBy(() -> this.messageConverter.writeInternal(tokenClaims, outputMessage))
.withMessageContaining("An error occurred writing the Token Introspection Response")
.withMessageContaining(errorMessage);
}
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientConfigurationAuthenticationProviderTests.java
+25 -25
View File
@@ -58,8 +58,8 @@ import org.springframework.security.oauth2.server.resource.authentication.JwtAut
import org.springframework.web.util.UriComponentsBuilder;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -131,9 +131,9 @@ public class OidcClientConfigurationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, "client-id");
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
}
@@ -145,9 +145,9 @@ public class OidcClientConfigurationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, "client-id");
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
}
@@ -161,9 +161,9 @@ public class OidcClientConfigurationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, "client-id");
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
verify(this.authorizationService).findByToken(eq(jwt.getTokenValue()), eq(OAuth2TokenType.ACCESS_TOKEN));
@@ -189,9 +189,9 @@ public class OidcClientConfigurationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, registeredClient.getClientId());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
verify(this.authorizationService).findByToken(eq(jwtAccessToken.getTokenValue()),
@@ -217,9 +217,9 @@ public class OidcClientConfigurationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, registeredClient.getClientId());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting((ex) -> ex.getError())
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INSUFFICIENT_SCOPE);
verify(this.authorizationService).findByToken(eq(jwtAccessToken.getTokenValue()),
@@ -245,9 +245,9 @@ public class OidcClientConfigurationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, registeredClient.getClientId());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
verify(this.authorizationService).findByToken(eq(jwtAccessToken.getTokenValue()),
@@ -273,9 +273,9 @@ public class OidcClientConfigurationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, registeredClient.getClientId());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
verify(this.authorizationService).findByToken(eq(jwtAccessToken.getTokenValue()),
@@ -308,9 +308,9 @@ public class OidcClientConfigurationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, registeredClient.getClientId());
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
verify(this.authorizationService).findByToken(eq(jwtAccessToken.getTokenValue()),
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProviderTests.java
+40 -40
View File
@@ -68,8 +68,8 @@ import org.springframework.security.oauth2.server.resource.authentication.JwtAut
import org.springframework.web.util.UriComponentsBuilder;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
@@ -179,9 +179,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
@Test
public void setPasswordEncoderWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setPasswordEncoder(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("passwordEncoder cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setPasswordEncoder(null))
.withMessage("passwordEncoder cannot be null");
}
@Test
@@ -199,9 +199,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
}
@@ -216,9 +216,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
}
@@ -235,9 +235,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
verify(this.authorizationService).findByToken(eq(jwt.getTokenValue()), eq(OAuth2TokenType.ACCESS_TOKEN));
@@ -266,9 +266,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
verify(this.authorizationService).findByToken(eq(jwtAccessToken.getTokenValue()),
@@ -297,9 +297,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INSUFFICIENT_SCOPE);
verify(this.authorizationService).findByToken(eq(jwtAccessToken.getTokenValue()),
@@ -328,9 +328,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
verify(this.authorizationService).findByToken(eq(jwtAccessToken.getTokenValue()),
@@ -361,9 +361,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_REDIRECT_URI);
assertThat(error.getDescription()).contains(OidcClientMetadataClaimNames.REDIRECT_URIS);
@@ -396,9 +396,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_REDIRECT_URI);
assertThat(error.getDescription()).contains(OidcClientMetadataClaimNames.REDIRECT_URIS);
@@ -432,9 +432,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo("invalid_client_metadata");
assertThat(error.getDescription()).contains(OidcClientMetadataClaimNames.POST_LOGOUT_REDIRECT_URIS);
@@ -468,9 +468,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo("invalid_client_metadata");
assertThat(error.getDescription()).contains(OidcClientMetadataClaimNames.POST_LOGOUT_REDIRECT_URIS);
@@ -550,9 +550,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(errorCode);
assertThat(error.getDescription()).contains(errorDescription);
@@ -641,9 +641,9 @@ public class OidcClientRegistrationAuthenticationProviderTests {
OidcClientRegistrationAuthenticationToken authentication = new OidcClientRegistrationAuthenticationToken(
principal, clientRegistration);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
assertThat(error.getDescription())
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcLogoutAuthenticationProviderTests.java
+34 -34
View File
@@ -53,8 +53,8 @@ import org.springframework.security.oauth2.server.authorization.context.TestAuth
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
@@ -133,9 +133,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken("id-token", principal,
"session-1", null, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
assertThat(error.getDescription()).contains("id_token_hint");
@@ -167,9 +167,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
principal, "session-1", null, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
assertThat(error.getDescription()).contains("id_token_hint");
@@ -201,9 +201,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
principal, "session-1", null, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
assertThat(error.getDescription()).contains(IdTokenClaimNames.AUD);
@@ -236,9 +236,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
principal, "session-1", null, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
assertThat(error.getDescription()).contains(IdTokenClaimNames.AUD);
@@ -271,9 +271,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
principal, "session-1", registeredClient.getClientId() + "-invalid", null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_ID);
@@ -306,9 +306,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
principal, "session-1", registeredClient.getClientId(), "https://example.com/callback-1-invalid", null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
assertThat(error.getDescription()).contains("post_logout_redirect_uri");
@@ -319,9 +319,9 @@ public class OidcLogoutAuthenticationProviderTests {
@Test
public void setAuthenticationValidatorWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.authenticationProvider.setAuthenticationValidator(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationValidator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.authenticationProvider.setAuthenticationValidator(null))
.withMessage("authenticationValidator cannot be null");
}
@Test
@@ -371,9 +371,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
principal, "session-1", null, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
assertThat(error.getDescription()).contains("sub");
@@ -412,9 +412,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
otherPrincipal, "session-1", null, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
assertThat(error.getDescription()).contains("sub");
@@ -454,9 +454,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
principal, sessionId, null, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
assertThat(error.getDescription()).contains("sid");
@@ -497,9 +497,9 @@ public class OidcLogoutAuthenticationProviderTests {
OidcLogoutAuthenticationToken authentication = new OidcLogoutAuthenticationToken(idToken.getTokenValue(),
principal, sessionId, null, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.satisfies((error) -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
assertThat(error.getDescription()).contains("sid");
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcUserInfoAuthenticationProviderTests.java
+19 -19
View File
@@ -43,8 +43,8 @@ import org.springframework.security.oauth2.server.authorization.TestOAuth2Author
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -90,9 +90,9 @@ public class OidcUserInfoAuthenticationProviderTests {
OidcUserInfoAuthenticationToken authentication = new OidcUserInfoAuthenticationToken(
new UsernamePasswordAuthenticationToken(null, null));
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
@@ -106,9 +106,9 @@ public class OidcUserInfoAuthenticationProviderTests {
principal.setAuthenticated(false);
OidcUserInfoAuthenticationToken authentication = new OidcUserInfoAuthenticationToken(principal);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
@@ -121,9 +121,9 @@ public class OidcUserInfoAuthenticationProviderTests {
JwtAuthenticationToken principal = createJwtAuthenticationToken(tokenValue);
OidcUserInfoAuthenticationToken authentication = new OidcUserInfoAuthenticationToken(principal);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
@@ -143,9 +143,9 @@ public class OidcUserInfoAuthenticationProviderTests {
JwtAuthenticationToken principal = createJwtAuthenticationToken(tokenValue);
OidcUserInfoAuthenticationToken authentication = new OidcUserInfoAuthenticationToken(principal);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
@@ -161,9 +161,9 @@ public class OidcUserInfoAuthenticationProviderTests {
JwtAuthenticationToken principal = createJwtAuthenticationToken(tokenValue);
OidcUserInfoAuthenticationToken authentication = new OidcUserInfoAuthenticationToken(principal);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INSUFFICIENT_SCOPE);
@@ -182,9 +182,9 @@ public class OidcUserInfoAuthenticationProviderTests {
JwtAuthenticationToken principal = createJwtAuthenticationToken(tokenValue);
OidcUserInfoAuthenticationToken authentication = new OidcUserInfoAuthenticationToken(principal);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/OidcClientRegistrationHttpMessageConverterTests.java
+3 -5
View File
@@ -38,7 +38,6 @@ import org.springframework.security.oauth2.server.authorization.oidc.OidcClientR
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
/**
* Tests for {@link OidcClientRegistrationHttpMessageConverter}
@@ -271,9 +270,8 @@ public class OidcClientRegistrationHttpMessageConverterTests {
MockHttpOutputMessage outputMessage = new MockHttpOutputMessage();
assertThatThrownBy(() -> this.messageConverter.writeInternal(clientRegistration, outputMessage))
.isInstanceOf(HttpMessageNotWritableException.class)
.hasMessageContaining("An error occurred writing the OpenID Client Registration")
.hasMessageContaining(errorMessage);
assertThatExceptionOfType(HttpMessageNotWritableException.class).isThrownBy(() -> this.messageConverter.writeInternal(clientRegistration, outputMessage))
.withMessageContaining("An error occurred writing the OpenID Client Registration")
.withMessageContaining(errorMessage);
}
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcLogoutEndpointFilterTests.java
+15 -15
View File
@@ -48,7 +48,7 @@ import org.springframework.security.web.authentication.AuthenticationFailureHand
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.same;
import static org.mockito.BDDMockito.given;
@@ -89,36 +89,36 @@ public class OidcLogoutEndpointFilterTests {
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OidcLogoutEndpointFilter(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new OidcLogoutEndpointFilter(null))
.withMessage("authenticationManager cannot be null");
}
@Test
public void constructorWhenLogoutEndpointUriNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OidcLogoutEndpointFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("logoutEndpointUri cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OidcLogoutEndpointFilter(this.authenticationManager, null))
.withMessage("logoutEndpointUri cannot be empty");
}
@Test
public void setAuthenticationConverterWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationConverter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationConverter cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationConverter(null))
.withMessage("authenticationConverter cannot be null");
}
@Test
public void setAuthenticationSuccessHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationSuccessHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.withMessage("authenticationSuccessHandler cannot be null");
}
@Test
public void setAuthenticationFailureHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationFailureHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.withMessage("authenticationFailureHandler cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilterTests.java
+6 -6
View File
@@ -31,7 +31,7 @@ import org.springframework.security.oauth2.server.authorization.settings.Authori
import org.springframework.web.util.InvalidUrlException;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
@@ -56,9 +56,9 @@ public class OidcProviderConfigurationEndpointFilterTests {
@Test
public void setProviderConfigurationCustomizerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setProviderConfigurationCustomizer(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("providerConfigurationCustomizer cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setProviderConfigurationCustomizer(null))
.withMessage("providerConfigurationCustomizer cannot be null");
}
@Test
@@ -178,8 +178,8 @@ public class OidcProviderConfigurationEndpointFilterTests {
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain filterChain = mock(FilterChain.class);
assertThatThrownBy(() -> this.filter.doFilter(request, response, filterChain))
.isInstanceOf(InvalidUrlException.class);
assertThatExceptionOfType(InvalidUrlException.class)
.isThrownBy(() -> this.filter.doFilter(request, response, filterChain));
}
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/web/authentication/OidcLogoutAuthenticationSuccessHandlerTests.java
+7 -8
View File
@@ -31,7 +31,7 @@ import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
import org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcLogoutAuthenticationToken;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
@@ -56,9 +56,8 @@ public class OidcLogoutAuthenticationSuccessHandlerTests {
@Test
public void setLogoutHandlerWhenNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authenticationSuccessHandler.setLogoutHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("logoutHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authenticationSuccessHandler.setLogoutHandler(null))
.withMessage("logoutHandler cannot be null");
// @formatter:on
}
@@ -67,10 +66,10 @@ public class OidcLogoutAuthenticationSuccessHandlerTests {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
assertThatThrownBy(
() -> this.authenticationSuccessHandler.onAuthenticationSuccess(request, response, this.principal))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(
() -> this.authenticationSuccessHandler.onAuthenticationSuccess(request, response, this.principal))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/settings/TokenSettingsTests.java
+21 -21
View File
@@ -23,7 +23,7 @@ import org.junit.jupiter.api.Test;
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link TokenSettings}.
@@ -57,18 +57,18 @@ public class TokenSettingsTests {
@Test
public void authorizationCodeTimeToLiveWhenNullOrZeroOrNegativeThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> TokenSettings.builder().authorizationCodeTimeToLive(null))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().authorizationCodeTimeToLive(null))
.extracting(Throwable::getMessage)
.isEqualTo("authorizationCodeTimeToLive cannot be null");
assertThatThrownBy(() -> TokenSettings.builder().authorizationCodeTimeToLive(Duration.ZERO))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().authorizationCodeTimeToLive(Duration.ZERO))
.extracting(Throwable::getMessage)
.isEqualTo("authorizationCodeTimeToLive must be greater than Duration.ZERO");
assertThatThrownBy(() -> TokenSettings.builder().authorizationCodeTimeToLive(Duration.ofSeconds(-10)))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().authorizationCodeTimeToLive(Duration.ofSeconds(-10)))
.extracting(Throwable::getMessage)
.isEqualTo("authorizationCodeTimeToLive must be greater than Duration.ZERO");
}
@@ -82,18 +82,18 @@ public class TokenSettingsTests {
@Test
public void accessTokenTimeToLiveWhenNullOrZeroOrNegativeThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> TokenSettings.builder().accessTokenTimeToLive(null))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().accessTokenTimeToLive(null))
.extracting(Throwable::getMessage)
.isEqualTo("accessTokenTimeToLive cannot be null");
assertThatThrownBy(() -> TokenSettings.builder().accessTokenTimeToLive(Duration.ZERO))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().accessTokenTimeToLive(Duration.ZERO))
.extracting(Throwable::getMessage)
.isEqualTo("accessTokenTimeToLive must be greater than Duration.ZERO");
assertThatThrownBy(() -> TokenSettings.builder().accessTokenTimeToLive(Duration.ofSeconds(-10)))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().accessTokenTimeToLive(Duration.ofSeconds(-10)))
.extracting(Throwable::getMessage)
.isEqualTo("accessTokenTimeToLive must be greater than Duration.ZERO");
}
@@ -106,8 +106,8 @@ public class TokenSettingsTests {
@Test
public void accessTokenFormatWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> TokenSettings.builder().accessTokenFormat(null))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().accessTokenFormat(null))
.extracting(Throwable::getMessage)
.isEqualTo("accessTokenFormat cannot be null");
}
@@ -127,18 +127,18 @@ public class TokenSettingsTests {
@Test
public void refreshTokenTimeToLiveWhenNullOrZeroOrNegativeThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> TokenSettings.builder().refreshTokenTimeToLive(null))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().refreshTokenTimeToLive(null))
.extracting(Throwable::getMessage)
.isEqualTo("refreshTokenTimeToLive cannot be null");
assertThatThrownBy(() -> TokenSettings.builder().refreshTokenTimeToLive(Duration.ZERO))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().refreshTokenTimeToLive(Duration.ZERO))
.extracting(Throwable::getMessage)
.isEqualTo("refreshTokenTimeToLive must be greater than Duration.ZERO");
assertThatThrownBy(() -> TokenSettings.builder().refreshTokenTimeToLive(Duration.ofSeconds(-10)))
.isInstanceOf(IllegalArgumentException.class)
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> TokenSettings.builder().refreshTokenTimeToLive(Duration.ofSeconds(-10)))
.extracting(Throwable::getMessage)
.isEqualTo("refreshTokenTimeToLive must be greater than Duration.ZERO");
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/DelegatingOAuth2TokenGeneratorTests.java
+7 -7
View File
@@ -24,7 +24,7 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2Token;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -40,16 +40,16 @@ public class DelegatingOAuth2TokenGeneratorTests {
@SuppressWarnings("unchecked")
public void constructorWhenTokenGeneratorsEmptyThenThrowIllegalArgumentException() {
OAuth2TokenGenerator<OAuth2Token>[] tokenGenerators = new OAuth2TokenGenerator[0];
assertThatThrownBy(() -> new DelegatingOAuth2TokenGenerator(tokenGenerators))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenGenerators cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new DelegatingOAuth2TokenGenerator(tokenGenerators))
.withMessage("tokenGenerators cannot be empty");
}
@Test
public void constructorWhenTokenGeneratorsNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new DelegatingOAuth2TokenGenerator(null, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenGenerator cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new DelegatingOAuth2TokenGenerator(null, null))
.withMessage("tokenGenerator cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContextTests.java
+15 -14
View File
@@ -37,7 +37,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link JwtEncodingContext}.
@@ -48,29 +48,30 @@ public class JwtEncodingContextTests {
@Test
public void withWhenJwsHeaderNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> JwtEncodingContext.with(null, TestJwtClaimsSets.jwtClaimsSet()))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("jwsHeaderBuilder cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> JwtEncodingContext.with(null, TestJwtClaimsSets.jwtClaimsSet()))
.withMessage("jwsHeaderBuilder cannot be null");
}
@Test
public void withWhenClaimsNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> JwtEncodingContext.with(TestJwsHeaders.jwsHeader(), null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("claimsBuilder cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> JwtEncodingContext.with(TestJwsHeaders.jwsHeader(), null))
.withMessage("claimsBuilder cannot be null");
}
@Test
public void setWhenValueNullThenThrowIllegalArgumentException() {
JwtEncodingContext.Builder builder = JwtEncodingContext.with(TestJwsHeaders.jwsHeader(),
TestJwtClaimsSets.jwtClaimsSet());
assertThatThrownBy(() -> builder.registeredClient(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.principal(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.authorization(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.tokenType(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.authorizationGrantType(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.authorizationGrant(null)).isInstanceOf(IllegalArgumentException.class);
assertThatThrownBy(() -> builder.put(null, "")).isInstanceOf(IllegalArgumentException.class);
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.registeredClient(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.principal(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.authorization(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.tokenType(null));
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> builder.authorizationGrantType(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.authorizationGrant(null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> builder.put(null, ""));
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtGeneratorTests.java
+6 -5
View File
@@ -58,7 +58,7 @@ import org.springframework.security.oauth2.server.authorization.settings.OAuth2T
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
@@ -93,14 +93,15 @@ public class JwtGeneratorTests {
@Test
public void constructorWhenJwtEncoderNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new JwtGenerator(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("jwtEncoder cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new JwtGenerator(null))
.withMessage("jwtEncoder cannot be null");
}
@Test
public void setJwtCustomizerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.jwtGenerator.setJwtCustomizer(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("jwtCustomizer cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.jwtGenerator.setJwtCustomizer(null))
.withMessage("jwtCustomizer cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/OAuth2AccessTokenGeneratorTests.java
+4 -4
View File
@@ -46,7 +46,7 @@ import org.springframework.security.oauth2.server.authorization.settings.OAuth2T
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
@@ -76,9 +76,9 @@ public class OAuth2AccessTokenGeneratorTests {
@Test
public void setAccessTokenCustomizerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.accessTokenGenerator.setAccessTokenCustomizer(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("accessTokenCustomizer cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.accessTokenGenerator.setAccessTokenCustomizer(null))
.withMessage("accessTokenCustomizer cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenClaimsContextTests.java
+3 -3
View File
@@ -40,7 +40,7 @@ import org.springframework.security.oauth2.server.authorization.context.TestAuth
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2TokenClaimsContext}.
@@ -51,8 +51,8 @@ public class OAuth2TokenClaimsContextTests {
@Test
public void withWhenClaimsNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2TokenClaimsContext.with(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("claimsBuilder cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> OAuth2TokenClaimsContext.with(null))
.withMessage("claimsBuilder cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenClaimsSetTests.java
+10 -9
View File
@@ -23,7 +23,7 @@ import java.util.Collections;
import org.junit.jupiter.api.Test;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2TokenClaimsSet}.
@@ -34,8 +34,9 @@ public class OAuth2TokenClaimsSetTests {
@Test
public void buildWhenClaimsEmptyThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2TokenClaimsSet.builder().build()).isInstanceOf(IllegalArgumentException.class)
.hasMessage("claims cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> OAuth2TokenClaimsSet.builder().build())
.withMessage("claims cannot be empty");
}
@Test
@@ -82,16 +83,16 @@ public class OAuth2TokenClaimsSetTests {
@Test
public void claimWhenNameNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2TokenClaimsSet.builder().claim(null, "value"))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("name cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> OAuth2TokenClaimsSet.builder().claim(null, "value"))
.withMessage("name cannot be empty");
}
@Test
public void claimWhenValueNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> OAuth2TokenClaimsSet.builder().claim("name", null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("value cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> OAuth2TokenClaimsSet.builder().claim("name", null))
.withMessage("value cannot be null");
}
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/NimbusJwkSetEndpointFilterTests.java
+6 -6
View File
@@ -39,7 +39,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.oauth2.jose.TestJwks;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
@@ -69,15 +69,15 @@ public class NimbusJwkSetEndpointFilterTests {
@Test
public void constructorWhenJwkSourceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new NimbusJwkSetEndpointFilter(null)).isInstanceOf(IllegalArgumentException.class)
.hasMessage("jwkSource cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> new NimbusJwkSetEndpointFilter(null))
.withMessage("jwkSource cannot be null");
}
@Test
public void constructorWhenJwkSetEndpointUriNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new NimbusJwkSetEndpointFilter(this.jwkSource, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("jwkSetEndpointUri cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new NimbusJwkSetEndpointFilter(this.jwkSource, null))
.withMessage("jwkSetEndpointUri cannot be empty");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilterTests.java
+22 -22
View File
@@ -67,7 +67,7 @@ import org.springframework.util.StringUtils;
import org.springframework.web.util.UriComponentsBuilder;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.same;
import static org.mockito.BDDMockito.given;
@@ -128,51 +128,51 @@ public class OAuth2AuthorizationEndpointFilterTests {
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationEndpointFilter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationEndpointFilter(null))
.withMessage("authenticationManager cannot be null");
}
@Test
public void constructorWhenAuthorizationEndpointUriNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizationEndpointFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationEndpointUri cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2AuthorizationEndpointFilter(this.authenticationManager, null))
.withMessage("authorizationEndpointUri cannot be empty");
}
@Test
public void setAuthenticationDetailsSourceWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationDetailsSource cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
.withMessage("authenticationDetailsSource cannot be null");
}
@Test
public void setAuthenticationConverterWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationConverter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationConverter cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationConverter(null))
.withMessage("authenticationConverter cannot be null");
}
@Test
public void setAuthenticationSuccessHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationSuccessHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.withMessage("authenticationSuccessHandler cannot be null");
}
@Test
public void setAuthenticationFailureHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationFailureHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.withMessage("authenticationFailureHandler cannot be null");
}
@Test
public void setSessionAuthenticationStrategyWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setSessionAuthenticationStrategy(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("sessionAuthenticationStrategy cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setSessionAuthenticationStrategy(null))
.withMessage("sessionAuthenticationStrategy cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationServerMetadataEndpointFilterTests.java
+6 -6
View File
@@ -31,7 +31,7 @@ import org.springframework.security.oauth2.server.authorization.settings.Authori
import org.springframework.web.util.InvalidUrlException;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
@@ -56,9 +56,9 @@ public class OAuth2AuthorizationServerMetadataEndpointFilterTests {
@Test
public void setAuthorizationServerMetadataCustomizerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthorizationServerMetadataCustomizer(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationServerMetadataCustomizer cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthorizationServerMetadataCustomizer(null))
.withMessage("authorizationServerMetadataCustomizer cannot be null");
}
@Test
@@ -168,8 +168,8 @@ public class OAuth2AuthorizationServerMetadataEndpointFilterTests {
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain filterChain = mock(FilterChain.class);
assertThatThrownBy(() -> this.filter.doFilter(request, response, filterChain))
.isInstanceOf(InvalidUrlException.class);
assertThatExceptionOfType(InvalidUrlException.class)
.isThrownBy(() -> this.filter.doFilter(request, response, filterChain));
}
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2ClientAuthenticationFilterTests.java
+16 -16
View File
@@ -51,7 +51,7 @@ import org.springframework.security.web.servlet.util.matcher.PathPatternRequestM
import org.springframework.security.web.util.matcher.RequestMatcher;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -95,37 +95,37 @@ public class OAuth2ClientAuthenticationFilterTests {
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientAuthenticationFilter(null, this.requestMatcher))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2ClientAuthenticationFilter(null, this.requestMatcher))
.withMessage("authenticationManager cannot be null");
}
@Test
public void constructorWhenRequestMatcherNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientAuthenticationFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("requestMatcher cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2ClientAuthenticationFilter(this.authenticationManager, null))
.withMessage("requestMatcher cannot be null");
}
@Test
public void setAuthenticationConverterWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationConverter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationConverter cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationConverter(null))
.withMessage("authenticationConverter cannot be null");
}
@Test
public void setAuthenticationSuccessHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationSuccessHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.withMessage("authenticationSuccessHandler cannot be null");
}
@Test
public void setAuthenticationFailureHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationFailureHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.withMessage("authenticationFailureHandler cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2PushedAuthorizationRequestEndpointFilterTests.java
+19 -19
View File
@@ -62,7 +62,7 @@ import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.util.StringUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.same;
import static org.mockito.BDDMockito.given;
@@ -115,44 +115,44 @@ public class OAuth2PushedAuthorizationRequestEndpointFilterTests {
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2PushedAuthorizationRequestEndpointFilter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2PushedAuthorizationRequestEndpointFilter(null))
.withMessage("authenticationManager cannot be null");
}
@Test
public void constructorWhenPushedAuthorizationRequestEndpointUriNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2PushedAuthorizationRequestEndpointFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("pushedAuthorizationRequestEndpointUri cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2PushedAuthorizationRequestEndpointFilter(this.authenticationManager, null))
.withMessage("pushedAuthorizationRequestEndpointUri cannot be empty");
}
@Test
public void setAuthenticationDetailsSourceWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationDetailsSource cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
.withMessage("authenticationDetailsSource cannot be null");
}
@Test
public void setAuthenticationConverterWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationConverter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationConverter cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationConverter(null))
.withMessage("authenticationConverter cannot be null");
}
@Test
public void setAuthenticationSuccessHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationSuccessHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.withMessage("authenticationSuccessHandler cannot be null");
}
@Test
public void setAuthenticationFailureHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationFailureHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.withMessage("authenticationFailureHandler cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilterTests.java
+19 -19
View File
@@ -68,7 +68,7 @@ import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.util.StringUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -111,44 +111,44 @@ public class OAuth2TokenEndpointFilterTests {
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(null, "tokenEndpointUri"))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenEndpointFilter(null, "tokenEndpointUri"))
.withMessage("authenticationManager cannot be null");
}
@Test
public void constructorWhenTokenEndpointUriNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenEndpointUri cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenEndpointFilter(this.authenticationManager, null))
.withMessage("tokenEndpointUri cannot be empty");
}
@Test
public void setAuthenticationDetailsSourceWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationDetailsSource cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
.withMessage("authenticationDetailsSource cannot be null");
}
@Test
public void setAuthenticationConverterWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationConverter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationConverter cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationConverter(null))
.withMessage("authenticationConverter cannot be null");
}
@Test
public void setAuthenticationSuccessHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationSuccessHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.withMessage("authenticationSuccessHandler cannot be null");
}
@Test
public void setAuthenticationFailureHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationFailureHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.withMessage("authenticationFailureHandler cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenIntrospectionEndpointFilterTests.java
+16 -16
View File
@@ -57,7 +57,7 @@ import org.springframework.security.web.authentication.AuthenticationFailureHand
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.entry;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.BDDMockito.given;
@@ -96,37 +96,37 @@ public class OAuth2TokenIntrospectionEndpointFilterTests {
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenIntrospectionEndpointFilter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenIntrospectionEndpointFilter(null))
.withMessage("authenticationManager cannot be null");
}
@Test
public void constructorWhenTokenIntrospectionEndpointUriNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenIntrospectionEndpointFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenIntrospectionEndpointUri cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenIntrospectionEndpointFilter(this.authenticationManager, null))
.withMessage("tokenIntrospectionEndpointUri cannot be empty");
}
@Test
public void setAuthenticationConverterWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationConverter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationConverter cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationConverter(null))
.withMessage("authenticationConverter cannot be null");
}
@Test
public void setAuthenticationSuccessHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationSuccessHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.withMessage("authenticationSuccessHandler cannot be null");
}
@Test
public void setAuthenticationFailureHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationFailureHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.withMessage("authenticationFailureHandler cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenRevocationEndpointFilterTests.java
+19 -19
View File
@@ -57,7 +57,7 @@ import org.springframework.security.web.authentication.AuthenticationSuccessHand
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@@ -93,44 +93,44 @@ public class OAuth2TokenRevocationEndpointFilterTests {
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenRevocationEndpointFilter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenRevocationEndpointFilter(null))
.withMessage("authenticationManager cannot be null");
}
@Test
public void constructorWhenTokenRevocationEndpointUriNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenRevocationEndpointFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenRevocationEndpointUri cannot be empty");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> new OAuth2TokenRevocationEndpointFilter(this.authenticationManager, null))
.withMessage("tokenRevocationEndpointUri cannot be empty");
}
@Test
public void setAuthenticationDetailsSourceWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationDetailsSource cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
.withMessage("authenticationDetailsSource cannot be null");
}
@Test
public void setAuthenticationConverterWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationConverter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationConverter cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationConverter(null))
.withMessage("authenticationConverter cannot be null");
}
@Test
public void setAuthenticationSuccessHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationSuccessHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationSuccessHandler(null))
.withMessage("authenticationSuccessHandler cannot be null");
}
@Test
public void setAuthenticationFailureHandlerWhenNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationFailureHandler cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> this.filter.setAuthenticationFailureHandler(null))
.withMessage("authenticationFailureHandler cannot be null");
}
@Test
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/ClientSecretBasicAuthenticationConverterTests.java
+7 -7
View File
@@ -34,7 +34,7 @@ import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.entry;
/**
@@ -66,8 +66,8 @@ public class ClientSecretBasicAuthenticationConverterTests {
public void convertWhenAuthorizationHeaderBasicWithMissingCredentialsThenThrowOAuth2AuthenticationException() {
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader(HttpHeaders.AUTHORIZATION, "Basic ");
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}
@@ -76,8 +76,8 @@ public class ClientSecretBasicAuthenticationConverterTests {
public void convertWhenAuthorizationHeaderBasicWithInvalidBase64ThenThrowOAuth2AuthenticationException() {
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader(HttpHeaders.AUTHORIZATION, "Basic clientId:secret");
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}
@@ -87,8 +87,8 @@ public class ClientSecretBasicAuthenticationConverterTests {
throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodeBasicAuth("clientId", ""));
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/ClientSecretPostAuthenticationConverterTests.java
+5 -5
View File
@@ -29,7 +29,7 @@ import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.entry;
/**
@@ -53,8 +53,8 @@ public class ClientSecretPostAuthenticationConverterTests {
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-1");
request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-2");
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}
@@ -73,8 +73,8 @@ public class ClientSecretPostAuthenticationConverterTests {
request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-1");
request.addParameter(OAuth2ParameterNames.CLIENT_SECRET, "client-secret-1");
request.addParameter(OAuth2ParameterNames.CLIENT_SECRET, "client-secret-2");
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/JwtClientAssertionAuthenticationConverterTests.java
+3 -3
View File
@@ -27,7 +27,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.entry;
/**
@@ -124,8 +124,8 @@ public class JwtClientAssertionAuthenticationConverterTests {
}
private void assertThrown(MockHttpServletRequest request, String errorCode) {
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(errorCode);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests.java
+7 -8
View File
@@ -46,7 +46,7 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* Tests for {@link OAuth2AccessTokenResponseAuthenticationSuccessHandler}.
@@ -68,9 +68,8 @@ public class OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests {
@Test
public void setAccessTokenResponseCustomizerWhenNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authenticationSuccessHandler.setAccessTokenResponseCustomizer(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("accessTokenResponseCustomizer cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authenticationSuccessHandler.setAccessTokenResponseCustomizer(null))
.withMessage("accessTokenResponseCustomizer cannot be null");
// @formatter:on
}
@@ -106,10 +105,10 @@ public class OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
assertThatThrownBy(() -> this.authenticationSuccessHandler.onAuthenticationSuccess(request, response,
new TestingAuthenticationToken(this.clientPrincipal, null)))
.isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class)
.isThrownBy(() -> this.authenticationSuccessHandler.onAuthenticationSuccess(request, response,
new TestingAuthenticationToken(this.clientPrincipal, null)))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2ErrorAuthenticationFailureHandlerTests.java
+3 -4
View File
@@ -30,7 +30,7 @@ import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verifyNoInteractions;
@@ -46,9 +46,8 @@ public class OAuth2ErrorAuthenticationFailureHandlerTests {
@Test
public void setErrorResponseConverterWhenNullThenThrowIllegalArgumentException() {
// @formatter:off
assertThatThrownBy(() -> this.authenticationFailureHandler.setErrorResponseConverter(null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("errorResponseConverter cannot be null");
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> this.authenticationFailureHandler.setErrorResponseConverter(null))
.withMessage("errorResponseConverter cannot be null");
// @formatter:on
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/PublicClientAuthenticationConverterTests.java
+7 -7
View File
@@ -29,7 +29,7 @@ import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.entry;
/**
@@ -52,8 +52,8 @@ public class PublicClientAuthenticationConverterTests {
public void convertWhenMissingClientIdThenInvalidRequestError() {
MockHttpServletRequest request = createPkceTokenRequest();
request.removeParameter(OAuth2ParameterNames.CLIENT_ID);
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}
@@ -62,8 +62,8 @@ public class PublicClientAuthenticationConverterTests {
public void convertWhenMultipleClientIdThenInvalidRequestError() {
MockHttpServletRequest request = createPkceTokenRequest();
request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-2");
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}
@@ -72,8 +72,8 @@ public class PublicClientAuthenticationConverterTests {
public void convertWhenMultipleCodeVerifierThenInvalidRequestError() {
MockHttpServletRequest request = createPkceTokenRequest();
request.addParameter(PkceParameterNames.CODE_VERIFIER, "code-verifier-2");
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}
oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverterTests.java
+3 -3
View File
@@ -31,7 +31,7 @@ import org.springframework.security.oauth2.server.authorization.authentication.O
import org.springframework.security.oauth2.server.authorization.util.TestX509Certificates;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.entry;
/**
@@ -74,8 +74,8 @@ public class X509ClientCertificateAuthenticationConverterTests {
TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE);
request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-1");
request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-2");
assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
assertThatExceptionOfType(OAuth2AuthenticationException.class).isThrownBy(() -> this.converter.convert(request))
.extracting(OAuth2AuthenticationException::getError)
.extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
}