Skip to content

Commit 12257e1

Browse files
Steve Riesenbergsjohnr
Steve Riesenberg
authored and
sjohnr
committed
Update integration tests to use in-memory
1 parent fc2b997 commit 12257e1

11 files changed

+363
-344
lines changed

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/JwkSetTests.java

Lines changed: 15 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,6 @@
1818
import com.nimbusds.jose.jwk.JWKSet;
1919
import com.nimbusds.jose.jwk.source.JWKSource;
2020
import com.nimbusds.jose.proc.SecurityContext;
21-
import org.junit.Before;
2221
import org.junit.BeforeClass;
2322
import org.junit.Rule;
2423
import org.junit.Test;
@@ -31,15 +30,17 @@
3130
import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
3231
import org.springframework.security.config.test.SpringTestRule;
3332
import org.springframework.security.oauth2.jose.TestJwks;
33+
import org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService;
3434
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
35+
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
36+
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
3537
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
38+
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
3639
import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
3740
import org.springframework.security.oauth2.server.authorization.web.NimbusJwkSetEndpointFilter;
3841
import org.springframework.test.web.servlet.MockMvc;
3942

4043
import static org.hamcrest.CoreMatchers.containsString;
41-
import static org.mockito.Mockito.mock;
42-
import static org.mockito.Mockito.reset;
4344
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
4445
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
4546
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
@@ -51,8 +52,6 @@
5152
* @author Florian Berthe
5253
*/
5354
public class JwkSetTests {
54-
private static RegisteredClientRepository registeredClientRepository;
55-
private static OAuth2AuthorizationService authorizationService;
5655
private static JWKSource<SecurityContext> jwkSource;
5756
private static ProviderSettings providerSettings;
5857

@@ -64,19 +63,11 @@ public class JwkSetTests {
6463

6564
@BeforeClass
6665
public static void init() {
67-
registeredClientRepository = mock(RegisteredClientRepository.class);
68-
authorizationService = mock(OAuth2AuthorizationService.class);
6966
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
7067
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
7168
providerSettings = new ProviderSettings().jwkSetEndpoint("/test/jwks");
7269
}
7370

74-
@Before
75-
public void setup() {
76-
reset(registeredClientRepository);
77-
reset(authorizationService);
78-
}
79-
8071
@Test
8172
public void requestWhenJwkSetThenReturnKeys() throws Exception {
8273
this.spring.register(AuthorizationServerConfiguration.class).autowire();
@@ -105,13 +96,20 @@ private void assertJwkSetRequestThenReturnKeys(String jwkSetEndpointUri) throws
10596
static class AuthorizationServerConfiguration {
10697

10798
@Bean
108-
RegisteredClientRepository registeredClientRepository() {
109-
return registeredClientRepository;
99+
OAuth2AuthorizationService authorizationService() {
100+
return new InMemoryOAuth2AuthorizationService();
110101
}
111102

112103
@Bean
113-
OAuth2AuthorizationService authorizationService() {
114-
return authorizationService;
104+
RegisteredClientRepository registeredClientRepository() {
105+
// @formatter:off
106+
RegisteredClient dummyClient = TestRegisteredClients.registeredClient()
107+
.id("dummy-client")
108+
.clientId("dummy-client")
109+
.clientSecret("dummy-secret")
110+
.build();
111+
// @formatter:on
112+
return new InMemoryRegisteredClientRepository(dummyClient);
115113
}
116114

117115
@Bean

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationCodeGrantTests.java

Lines changed: 102 additions & 104 deletions
Large diffs are not rendered by default.

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationServerMetadataTests.java

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,12 +29,14 @@
2929
import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
3030
import org.springframework.security.config.test.SpringTestRule;
3131
import org.springframework.security.oauth2.jose.TestJwks;
32+
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
33+
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
3234
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
35+
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
3336
import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
3437
import org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationServerMetadataEndpointFilter;
3538
import org.springframework.test.web.servlet.MockMvc;
3639

37-
import static org.mockito.Mockito.mock;
3840
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
3941
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
4042
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -76,7 +78,8 @@ static class AuthorizationServerConfiguration {
7678

7779
@Bean
7880
RegisteredClientRepository registeredClientRepository() {
79-
return mock(RegisteredClientRepository.class);
81+
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
82+
return new InMemoryRegisteredClientRepository(registeredClient);
8083
}
8184

8285
@Bean

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientCredentialsGrantTests.java

Lines changed: 26 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -44,12 +44,16 @@
4444
import org.springframework.security.oauth2.core.OAuth2AccessToken;
4545
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
4646
import org.springframework.security.oauth2.jose.TestJwks;
47+
import org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationConsentService;
48+
import org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService;
4749
import org.springframework.security.oauth2.server.authorization.JwtEncodingContext;
50+
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService;
4851
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
4952
import org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer;
5053
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
5154
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
5255
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken;
56+
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
5357
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
5458
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
5559
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
@@ -67,7 +71,6 @@
6771
import static org.mockito.Mockito.mock;
6872
import static org.mockito.Mockito.reset;
6973
import static org.mockito.Mockito.verify;
70-
import static org.mockito.Mockito.verifyNoInteractions;
7174
import static org.mockito.Mockito.when;
7275
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
7376
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
@@ -80,8 +83,6 @@
8083
* @author Joe Grandja
8184
*/
8285
public class OAuth2ClientCredentialsGrantTests {
83-
private static RegisteredClientRepository registeredClientRepository;
84-
private static OAuth2AuthorizationService authorizationService;
8586
private static JWKSource<SecurityContext> jwkSource;
8687
private static OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer;
8788
private static AuthenticationConverter accessTokenRequestConverter;
@@ -95,10 +96,11 @@ public class OAuth2ClientCredentialsGrantTests {
9596
@Autowired
9697
private MockMvc mvc;
9798

99+
@Autowired
100+
private RegisteredClientRepository registeredClientRepository;
101+
98102
@BeforeClass
99103
public static void init() {
100-
registeredClientRepository = mock(RegisteredClientRepository.class);
101-
authorizationService = mock(OAuth2AuthorizationService.class);
102104
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
103105
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
104106
jwtCustomizer = mock(OAuth2TokenCustomizer.class);
@@ -112,8 +114,6 @@ public static void init() {
112114
@Before
113115
public void setup() {
114116
reset(jwtCustomizer);
115-
reset(registeredClientRepository);
116-
reset(authorizationService);
117117
}
118118

119119
@Test
@@ -123,18 +123,14 @@ public void requestWhenTokenRequestNotAuthenticatedThenUnauthorized() throws Exc
123123
this.mvc.perform(MockMvcRequestBuilders.post(OAuth2TokenEndpointFilter.DEFAULT_TOKEN_ENDPOINT_URI)
124124
.param(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue()))
125125
.andExpect(status().isUnauthorized());
126-
127-
verifyNoInteractions(registeredClientRepository);
128-
verifyNoInteractions(authorizationService);
129126
}
130127

131128
@Test
132129
public void requestWhenTokenRequestValidThenTokenResponse() throws Exception {
133130
this.spring.register(AuthorizationServerConfiguration.class).autowire();
134131

135132
RegisteredClient registeredClient = TestRegisteredClients.registeredClient2().build();
136-
when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
137-
.thenReturn(registeredClient);
133+
this.registeredClientRepository.save(registeredClient);
138134

139135
this.mvc.perform(post(OAuth2TokenEndpointFilter.DEFAULT_TOKEN_ENDPOINT_URI)
140136
.param(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
@@ -146,17 +142,14 @@ public void requestWhenTokenRequestValidThenTokenResponse() throws Exception {
146142
.andExpect(jsonPath("$.scope").value("scope1 scope2"));
147143

148144
verify(jwtCustomizer).customize(any());
149-
verify(registeredClientRepository).findByClientId(eq(registeredClient.getClientId()));
150-
verify(authorizationService).save(any());
151145
}
152146

153147
@Test
154148
public void requestWhenTokenRequestPostsClientCredentialsThenTokenResponse() throws Exception {
155149
this.spring.register(AuthorizationServerConfiguration.class).autowire();
156150

157151
RegisteredClient registeredClient = TestRegisteredClients.registeredClient2().build();
158-
when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
159-
.thenReturn(registeredClient);
152+
this.registeredClientRepository.save(registeredClient);
160153

161154
this.mvc.perform(post(OAuth2TokenEndpointFilter.DEFAULT_TOKEN_ENDPOINT_URI)
162155
.param(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
@@ -168,17 +161,14 @@ public void requestWhenTokenRequestPostsClientCredentialsThenTokenResponse() thr
168161
.andExpect(jsonPath("$.scope").value("scope1 scope2"));
169162

170163
verify(jwtCustomizer).customize(any());
171-
verify(registeredClientRepository).findByClientId(eq(registeredClient.getClientId()));
172-
verify(authorizationService).save(any());
173164
}
174165

175166
@Test
176167
public void requestWhenTokenEndpointCustomizedThenUsed() throws Exception {
177168
this.spring.register(AuthorizationServerConfigurationCustomTokenEndpoint.class).autowire();
178169

179170
RegisteredClient registeredClient = TestRegisteredClients.registeredClient2().build();
180-
when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
181-
.thenReturn(registeredClient);
171+
this.registeredClientRepository.save(registeredClient);
182172

183173
OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
184174
OAuth2ClientCredentialsAuthenticationToken clientCredentialsAuthentication =
@@ -217,13 +207,25 @@ private static String encodeBasicAuth(String clientId, String secret) throws Exc
217207
static class AuthorizationServerConfiguration {
218208

219209
@Bean
220-
RegisteredClientRepository registeredClientRepository() {
221-
return registeredClientRepository;
210+
OAuth2AuthorizationService authorizationService() {
211+
return new InMemoryOAuth2AuthorizationService();
222212
}
223213

224214
@Bean
225-
OAuth2AuthorizationService authorizationService() {
226-
return authorizationService;
215+
OAuth2AuthorizationConsentService authorizationConsentService() {
216+
return new InMemoryOAuth2AuthorizationConsentService();
217+
}
218+
219+
@Bean
220+
RegisteredClientRepository registeredClientRepository() {
221+
// @formatter:off
222+
RegisteredClient dummyClient = TestRegisteredClients.registeredClient()
223+
.id("dummy-client")
224+
.clientId("dummy-client")
225+
.clientSecret("dummy-secret")
226+
.build();
227+
// @formatter:on
228+
return new InMemoryRegisteredClientRepository(dummyClient);
227229
}
228230

229231
@Bean

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java

Lines changed: 28 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,6 @@
2626
import com.nimbusds.jose.jwk.JWKSet;
2727
import com.nimbusds.jose.jwk.source.JWKSource;
2828
import com.nimbusds.jose.proc.SecurityContext;
29-
import org.junit.Before;
3029
import org.junit.BeforeClass;
3130
import org.junit.Rule;
3231
import org.junit.Test;
@@ -47,19 +46,22 @@
4746
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
4847
import org.springframework.security.crypto.password.PasswordEncoder;
4948
import org.springframework.security.oauth2.core.AuthorizationGrantType;
50-
import org.springframework.security.oauth2.core.OAuth2TokenType;
5149
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
5250
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
5351
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
5452
import org.springframework.security.oauth2.jose.TestJwks;
5553
import org.springframework.security.oauth2.jose.TestKeys;
5654
import org.springframework.security.oauth2.jwt.Jwt;
5755
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
56+
import org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationConsentService;
57+
import org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService;
5858
import org.springframework.security.oauth2.server.authorization.JwtEncodingContext;
5959
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
60+
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService;
6061
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
6162
import org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer;
6263
import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations;
64+
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
6365
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
6466
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
6567
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
@@ -71,12 +73,6 @@
7173

7274
import static org.assertj.core.api.Assertions.assertThat;
7375
import static org.hamcrest.CoreMatchers.containsString;
74-
import static org.mockito.ArgumentMatchers.any;
75-
import static org.mockito.ArgumentMatchers.eq;
76-
import static org.mockito.Mockito.mock;
77-
import static org.mockito.Mockito.reset;
78-
import static org.mockito.Mockito.verify;
79-
import static org.mockito.Mockito.when;
8076
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
8177
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
8278
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
@@ -90,8 +86,6 @@
9086
*/
9187
public class OAuth2RefreshTokenGrantTests {
9288
private static final String AUTHORITIES_CLAIM = "authorities";
93-
private static RegisteredClientRepository registeredClientRepository;
94-
private static OAuth2AuthorizationService authorizationService;
9589
private static JWKSource<SecurityContext> jwkSource;
9690
private static NimbusJwtDecoder jwtDecoder;
9791
private static HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
@@ -103,34 +97,28 @@ public class OAuth2RefreshTokenGrantTests {
10397
@Autowired
10498
private MockMvc mvc;
10599

100+
@Autowired
101+
private RegisteredClientRepository registeredClientRepository;
102+
103+
@Autowired
104+
private OAuth2AuthorizationService authorizationService;
105+
106106
@BeforeClass
107107
public static void init() {
108-
registeredClientRepository = mock(RegisteredClientRepository.class);
109-
authorizationService = mock(OAuth2AuthorizationService.class);
110108
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
111109
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
112110
jwtDecoder = NimbusJwtDecoder.withPublicKey(TestKeys.DEFAULT_PUBLIC_KEY).build();
113111
}
114112

115-
@Before
116-
public void setup() {
117-
reset(registeredClientRepository);
118-
reset(authorizationService);
119-
}
120-
121113
@Test
122114
public void requestWhenRefreshTokenRequestValidThenReturnAccessTokenResponse() throws Exception {
123115
this.spring.register(AuthorizationServerConfiguration.class).autowire();
124116

125117
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
126-
when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
127-
.thenReturn(registeredClient);
118+
this.registeredClientRepository.save(registeredClient);
128119

129120
OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient).build();
130-
when(authorizationService.findByToken(
131-
eq(authorization.getRefreshToken().getToken().getTokenValue()),
132-
eq(OAuth2TokenType.REFRESH_TOKEN)))
133-
.thenReturn(authorization);
121+
this.authorizationService.save(authorization);
134122

135123
MvcResult mvcResult = this.mvc.perform(post(OAuth2TokenEndpointFilter.DEFAULT_TOKEN_ENDPOINT_URI)
136124
.params(getRefreshTokenRequestParameters(authorization))
@@ -146,12 +134,6 @@ public void requestWhenRefreshTokenRequestValidThenReturnAccessTokenResponse() t
146134
.andExpect(jsonPath("$.scope").isNotEmpty())
147135
.andReturn();
148136

149-
verify(registeredClientRepository).findByClientId(eq(registeredClient.getClientId()));
150-
verify(authorizationService).findByToken(
151-
eq(authorization.getRefreshToken().getToken().getTokenValue()),
152-
eq(OAuth2TokenType.REFRESH_TOKEN));
153-
verify(authorizationService).save(any());
154-
155137
MockHttpServletResponse servletResponse = mvcResult.getResponse();
156138
MockClientHttpResponse httpResponse = new MockClientHttpResponse(
157139
servletResponse.getContentAsByteArray(), HttpStatus.valueOf(servletResponse.getStatus()));
@@ -188,13 +170,25 @@ private static String encodeBasicAuth(String clientId, String secret) throws Exc
188170
static class AuthorizationServerConfiguration {
189171

190172
@Bean
191-
RegisteredClientRepository registeredClientRepository() {
192-
return registeredClientRepository;
173+
OAuth2AuthorizationService authorizationService() {
174+
return new InMemoryOAuth2AuthorizationService();
193175
}
194176

195177
@Bean
196-
OAuth2AuthorizationService authorizationService() {
197-
return authorizationService;
178+
OAuth2AuthorizationConsentService authorizationConsentService() {
179+
return new InMemoryOAuth2AuthorizationConsentService();
180+
}
181+
182+
@Bean
183+
RegisteredClientRepository registeredClientRepository() {
184+
// @formatter:off
185+
RegisteredClient dummyClient = TestRegisteredClients.registeredClient()
186+
.id("dummy-client")
187+
.clientId("dummy-client")
188+
.clientSecret("dummy-secret")
189+
.build();
190+
// @formatter:on
191+
return new InMemoryRegisteredClientRepository(dummyClient);
198192
}
199193

200194
@Bean

0 commit comments

Comments
 (0)