org.springframework.security.oauth2.server.resource.web.BearerTokenResolver Java Examples

The following examples show how to use org.springframework.security.oauth2.server.resource.web.BearerTokenResolver. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: IapAuthenticationAutoConfigurationTests.java    From spring-cloud-gcp with Apache License 2.0 6 votes vote down vote up 
@Test
public void testUserBeansReturnedUserConfigPresent() {
	this.contextRunner
			.withUserConfiguration(UserConfiguration.class)
			.withPropertyValues("spring.cloud.gcp.security.iap.audience=unused")
			.run((context) -> {
				JwtDecoder jwtDecoder =  context.getBean(JwtDecoder.class);
				assertThat(jwtDecoder).isNotNull();
				assertThat(jwtDecoder).isNotInstanceOf(NimbusJwtDecoderJwkSupport.class);
				assertThat(jwtDecoder.decode("Ceci n'est pas un Jwt")).isSameAs(mockJwt);

				BearerTokenResolver resolver = context.getBean(BearerTokenResolver.class);
				assertThat(resolver).isNotNull();
				assertThat(resolver.resolve(this.mockIapRequest)).isEqualTo(FAKE_USER_TOKEN);
				assertThat(resolver.resolve(this.mockNonIapRequest)).isEqualTo(FAKE_USER_TOKEN);
			});
}
Example #2
Source File: SecurityConfiguration.java    From cloud-security-xsuaa-integration with Apache License 2.0 5 votes vote down vote up 
BearerTokenResolver getTokenBrokerResolver() {
	Cache cache = new CaffeineCache("token",
			Caffeine.newBuilder()
					.expireAfterWrite(15, TimeUnit.MINUTES)
					.maximumSize(100).build(), false);

	return new TokenBrokerResolver(xsuaaServiceConfiguration, cache, AuthenticationMethod.BASIC);
}
Example #3
Source File: IapAuthenticationAutoConfigurationTests.java    From spring-cloud-gcp with Apache License 2.0 5 votes vote down vote up 
@Test
public void testCustomPropertyOverridesDefault() {
	this.contextRunner
			.withPropertyValues("spring.cloud.gcp.security.iap.header=some-other-header")
			.withPropertyValues("spring.cloud.gcp.security.iap.audience=unused")
			.run((context) -> {
				when(this.mockNonIapRequest.getHeader("some-other-header")).thenReturn("other header jwt");

				BearerTokenResolver resolver = context.getBean(BearerTokenResolver.class);
				assertThat(resolver).isNotNull();
				assertThat(resolver.resolve(this.mockIapRequest)).isEqualTo(null);
				assertThat(resolver.resolve(this.mockNonIapRequest)).isEqualTo("other header jwt");
			});
}
Example #4
Source File: IapAuthenticationAutoConfigurationTests.java    From spring-cloud-gcp with Apache License 2.0 5 votes vote down vote up 
private void verifyJwtBeans(AssertableApplicationContext context) {
	JwtDecoder jwtDecoder =  context.getBean(JwtDecoder.class);
	assertThat(jwtDecoder).isNotNull();
	assertThat(jwtDecoder).isInstanceOf(NimbusJwtDecoderJwkSupport.class);

	BearerTokenResolver resolver = context.getBean(BearerTokenResolver.class);
	assertThat(resolver).isNotNull();
	assertThat(resolver.resolve(this.mockIapRequest)).isEqualTo("very fake jwt");

	assertThat(resolver.resolve(this.mockNonIapRequest)).isNull();
}
Example #5
Source File: IapAuthenticationAutoConfiguration.java    From spring-cloud-gcp with Apache License 2.0 4 votes vote down vote up 
@Bean
@ConditionalOnMissingBean
public BearerTokenResolver iatTokenResolver(IapAuthenticationProperties properties) {
	return (r) -> r.getHeader(properties.getHeader());
}
Example #6
Source File: IapAuthenticationAutoConfigurationTests.java    From spring-cloud-gcp with Apache License 2.0 4 votes vote down vote up 
@Bean
public BearerTokenResolver bearerTokenResolver() {
	return (httpServletRequest) -> FAKE_USER_TOKEN;
}