Skip to content

Commit 3fdaea5

Browse files
Steve Riesenbergsjohnr
Steve Riesenberg
authored and
sjohnr
committed
Update integration tests to use jdbc
1 parent 12257e1 commit 3fdaea5

File tree

9 files changed

+488
-142
lines changed

9 files changed

+488
-142
lines changed

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/JwkSetTests.java

Lines changed: 43 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,8 @@
1818
import com.nimbusds.jose.jwk.JWKSet;
1919
import com.nimbusds.jose.jwk.source.JWKSource;
2020
import com.nimbusds.jose.proc.SecurityContext;
21+
import org.junit.After;
22+
import org.junit.AfterClass;
2123
import org.junit.BeforeClass;
2224
import org.junit.Rule;
2325
import org.junit.Test;
@@ -26,16 +28,19 @@
2628
import org.springframework.context.annotation.Bean;
2729
import org.springframework.context.annotation.Import;
2830
import org.springframework.http.HttpHeaders;
31+
import org.springframework.jdbc.core.JdbcOperations;
32+
import org.springframework.jdbc.core.JdbcTemplate;
33+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabase;
34+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
35+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
2936
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
3037
import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
3138
import org.springframework.security.config.test.SpringTestRule;
3239
import org.springframework.security.oauth2.jose.TestJwks;
33-
import org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService;
40+
import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationService;
3441
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
35-
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
36-
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
42+
import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
3743
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
38-
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
3944
import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
4045
import org.springframework.security.oauth2.server.authorization.web.NimbusJwkSetEndpointFilter;
4146
import org.springframework.test.web.servlet.MockMvc;
@@ -52,6 +57,7 @@
5257
* @author Florian Berthe
5358
*/
5459
public class JwkSetTests {
60+
private static EmbeddedDatabase db;
5561
private static JWKSource<SecurityContext> jwkSource;
5662
private static ProviderSettings providerSettings;
5763

@@ -61,11 +67,32 @@ public class JwkSetTests {
6167
@Autowired
6268
private MockMvc mvc;
6369

70+
@Autowired
71+
private JdbcOperations jdbcOperations;
72+
6473
@BeforeClass
6574
public static void init() {
6675
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
6776
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
6877
providerSettings = new ProviderSettings().jwkSetEndpoint("/test/jwks");
78+
db = new EmbeddedDatabaseBuilder()
79+
.generateUniqueName(true)
80+
.setType(EmbeddedDatabaseType.HSQL)
81+
.setScriptEncoding("UTF-8")
82+
.addScript("org/springframework/security/oauth2/server/authorization/oauth2-authorization-schema.sql")
83+
.addScript("org/springframework/security/oauth2/server/authorization/client/oauth2-registered-client-schema.sql")
84+
.build();
85+
}
86+
87+
@After
88+
public void tearDown() {
89+
jdbcOperations.update("truncate table oauth2_authorization");
90+
jdbcOperations.update("truncate table oauth2_registered_client");
91+
}
92+
93+
@AfterClass
94+
public static void destroy() {
95+
db.shutdown();
6996
}
7097

7198
@Test
@@ -96,20 +123,21 @@ private void assertJwkSetRequestThenReturnKeys(String jwkSetEndpointUri) throws
96123
static class AuthorizationServerConfiguration {
97124

98125
@Bean
99-
OAuth2AuthorizationService authorizationService() {
100-
return new InMemoryOAuth2AuthorizationService();
126+
OAuth2AuthorizationService authorizationService(JdbcOperations jdbcOperations, RegisteredClientRepository registeredClientRepository) {
127+
JdbcOAuth2AuthorizationService authorizationService = new JdbcOAuth2AuthorizationService(jdbcOperations, registeredClientRepository);
128+
authorizationService.setAuthorizationRowMapper(new OAuth2ClientCredentialsGrantTests.AuthorizationServerConfiguration.RowMapper(registeredClientRepository));
129+
authorizationService.setAuthorizationParametersMapper(new OAuth2ClientCredentialsGrantTests.AuthorizationServerConfiguration.ParametersMapper());
130+
return authorizationService;
131+
}
132+
133+
@Bean
134+
RegisteredClientRepository registeredClientRepository(JdbcOperations jdbcOperations) {
135+
return new JdbcRegisteredClientRepository(jdbcOperations);
101136
}
102137

103138
@Bean
104-
RegisteredClientRepository registeredClientRepository() {
105-
// @formatter:off
106-
RegisteredClient dummyClient = TestRegisteredClients.registeredClient()
107-
.id("dummy-client")
108-
.clientId("dummy-client")
109-
.clientSecret("dummy-secret")
110-
.build();
111-
// @formatter:on
112-
return new InMemoryRegisteredClientRepository(dummyClient);
139+
JdbcOperations jdbcOperations() {
140+
return new JdbcTemplate(db);
113141
}
114142

115143
@Bean

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationCodeGrantTests.java

Lines changed: 68 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,8 @@
2929
import com.nimbusds.jose.jwk.JWKSet;
3030
import com.nimbusds.jose.jwk.source.JWKSource;
3131
import com.nimbusds.jose.proc.SecurityContext;
32+
import org.junit.After;
33+
import org.junit.AfterClass;
3234
import org.junit.BeforeClass;
3335
import org.junit.Rule;
3436
import org.junit.Test;
@@ -39,8 +41,14 @@
3941
import org.springframework.http.HttpHeaders;
4042
import org.springframework.http.HttpStatus;
4143
import org.springframework.http.converter.HttpMessageConverter;
44+
import org.springframework.jdbc.core.JdbcOperations;
45+
import org.springframework.jdbc.core.JdbcTemplate;
46+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabase;
47+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
48+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
4249
import org.springframework.mock.http.client.MockClientHttpResponse;
4350
import org.springframework.mock.web.MockHttpServletResponse;
51+
import org.springframework.security.authentication.TestingAuthenticationToken;
4452
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
4553
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
4654
import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
@@ -61,20 +69,21 @@
6169
import org.springframework.security.oauth2.jwt.JwtDecoder;
6270
import org.springframework.security.oauth2.jwt.JwtEncoder;
6371
import org.springframework.security.oauth2.jwt.NimbusJwsEncoder;
64-
import org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationConsentService;
65-
import org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService;
72+
import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationConsentService;
73+
import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationService;
6674
import org.springframework.security.oauth2.server.authorization.JwtEncodingContext;
6775
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
6876
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode;
6977
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService;
7078
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
7179
import org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer;
7280
import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations;
73-
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
81+
import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
7482
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
7583
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
7684
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
7785
import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
86+
import org.springframework.security.oauth2.server.authorization.jackson2.TestingAuthenticationTokenMixin;
7887
import org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter;
7988
import org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter;
8089
import org.springframework.security.web.SecurityFilterChain;
@@ -111,6 +120,7 @@ public class OAuth2AuthorizationCodeGrantTests {
111120
private static final OAuth2TokenType AUTHORIZATION_CODE_TOKEN_TYPE = new OAuth2TokenType(OAuth2ParameterNames.CODE);
112121
private static final OAuth2TokenType STATE_TOKEN_TYPE = new OAuth2TokenType(OAuth2ParameterNames.STATE);
113122

123+
private static EmbeddedDatabase db;
114124
private static JWKSource<SecurityContext> jwkSource;
115125
private static NimbusJwsEncoder jwtEncoder;
116126
private static ProviderSettings providerSettings;
@@ -124,6 +134,9 @@ public class OAuth2AuthorizationCodeGrantTests {
124134
@Autowired
125135
private MockMvc mvc;
126136

137+
@Autowired
138+
private JdbcOperations jdbcOperations;
139+
127140
@Autowired
128141
private RegisteredClientRepository registeredClientRepository;
129142

@@ -141,6 +154,26 @@ public static void init() {
141154
providerSettings = new ProviderSettings()
142155
.authorizationEndpoint("/test/authorize")
143156
.tokenEndpoint("/test/token");
157+
db = new EmbeddedDatabaseBuilder()
158+
.generateUniqueName(true)
159+
.setType(EmbeddedDatabaseType.HSQL)
160+
.setScriptEncoding("UTF-8")
161+
.addScript("org/springframework/security/oauth2/server/authorization/oauth2-authorization-schema.sql")
162+
.addScript("org/springframework/security/oauth2/server/authorization/oauth2-authorization-consent-schema.sql")
163+
.addScript("org/springframework/security/oauth2/server/authorization/client/oauth2-registered-client-schema.sql")
164+
.build();
165+
}
166+
167+
@After
168+
public void tearDown() {
169+
jdbcOperations.update("truncate table oauth2_authorization");
170+
jdbcOperations.update("truncate table oauth2_authorization_consent");
171+
jdbcOperations.update("truncate table oauth2_registered_client");
172+
}
173+
174+
@AfterClass
175+
public static void destroy() {
176+
db.shutdown();
144177
}
145178

146179
@Test
@@ -485,25 +518,26 @@ private String extractParameterFromRedirectUri(String redirectUri, String param)
485518
static class AuthorizationServerConfiguration {
486519

487520
@Bean
488-
OAuth2AuthorizationService authorizationService() {
489-
return new InMemoryOAuth2AuthorizationService();
521+
OAuth2AuthorizationService authorizationService(JdbcOperations jdbcOperations, RegisteredClientRepository registeredClientRepository) {
522+
JdbcOAuth2AuthorizationService authorizationService = new JdbcOAuth2AuthorizationService(jdbcOperations, registeredClientRepository);
523+
authorizationService.setAuthorizationRowMapper(new RowMapper(registeredClientRepository));
524+
authorizationService.setAuthorizationParametersMapper(new ParametersMapper());
525+
return authorizationService;
526+
}
527+
528+
@Bean
529+
OAuth2AuthorizationConsentService authorizationConsentService(JdbcOperations jdbcOperations, RegisteredClientRepository registeredClientRepository) {
530+
return new JdbcOAuth2AuthorizationConsentService(jdbcOperations, registeredClientRepository);
490531
}
491532

492533
@Bean
493-
OAuth2AuthorizationConsentService authorizationConsentService() {
494-
return new InMemoryOAuth2AuthorizationConsentService();
534+
RegisteredClientRepository registeredClientRepository(JdbcOperations jdbcOperations) {
535+
return new JdbcRegisteredClientRepository(jdbcOperations);
495536
}
496537

497538
@Bean
498-
RegisteredClientRepository registeredClientRepository() {
499-
// @formatter:off
500-
RegisteredClient dummyClient = TestRegisteredClients.registeredClient()
501-
.id("dummy-client")
502-
.clientId("dummy-client")
503-
.clientSecret("dummy-secret")
504-
.build();
505-
// @formatter:on
506-
return new InMemoryRegisteredClientRepository(dummyClient);
539+
JdbcOperations jdbcOperations() {
540+
return new JdbcTemplate(db);
507541
}
508542

509543
@Bean
@@ -530,6 +564,24 @@ PasswordEncoder passwordEncoder() {
530564
return NoOpPasswordEncoder.getInstance();
531565
}
532566

567+
static class RowMapper extends JdbcOAuth2AuthorizationService.OAuth2AuthorizationRowMapper {
568+
569+
RowMapper(RegisteredClientRepository registeredClientRepository) {
570+
super(registeredClientRepository);
571+
getObjectMapper().addMixIn(TestingAuthenticationToken.class, TestingAuthenticationTokenMixin.class);
572+
}
573+
574+
}
575+
576+
static class ParametersMapper extends JdbcOAuth2AuthorizationService.OAuth2AuthorizationParametersMapper {
577+
578+
ParametersMapper() {
579+
super();
580+
getObjectMapper().addMixIn(TestingAuthenticationToken.class, TestingAuthenticationTokenMixin.class);
581+
}
582+
583+
}
584+
533585
}
534586

535587
@EnableWebSecurity

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationServerMetadataTests.java

Lines changed: 39 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,18 +18,25 @@
1818
import com.nimbusds.jose.jwk.JWKSet;
1919
import com.nimbusds.jose.jwk.source.JWKSource;
2020
import com.nimbusds.jose.proc.SecurityContext;
21+
import org.junit.After;
22+
import org.junit.AfterClass;
2123
import org.junit.BeforeClass;
2224
import org.junit.Rule;
2325
import org.junit.Test;
2426

2527
import org.springframework.beans.factory.annotation.Autowired;
2628
import org.springframework.context.annotation.Bean;
2729
import org.springframework.context.annotation.Import;
30+
import org.springframework.jdbc.core.JdbcOperations;
31+
import org.springframework.jdbc.core.JdbcTemplate;
32+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabase;
33+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
34+
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
2835
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
2936
import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
3037
import org.springframework.security.config.test.SpringTestRule;
3138
import org.springframework.security.oauth2.jose.TestJwks;
32-
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
39+
import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
3340
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
3441
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
3542
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
@@ -48,6 +55,7 @@
4855
*/
4956
public class OAuth2AuthorizationServerMetadataTests {
5057
private static final String issuerUrl = "https://example.com/issuer1";
58+
private static EmbeddedDatabase db;
5159
private static JWKSource<SecurityContext> jwkSource;
5260

5361
@Rule
@@ -56,10 +64,31 @@ public class OAuth2AuthorizationServerMetadataTests {
5664
@Autowired
5765
private MockMvc mvc;
5866

67+
@Autowired
68+
private JdbcOperations jdbcOperations;
69+
5970
@BeforeClass
6071
public static void setupClass() {
6172
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
6273
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
74+
db = new EmbeddedDatabaseBuilder()
75+
.generateUniqueName(true)
76+
.setType(EmbeddedDatabaseType.HSQL)
77+
.setScriptEncoding("UTF-8")
78+
.addScript("org/springframework/security/oauth2/server/authorization/oauth2-authorization-schema.sql")
79+
.addScript("org/springframework/security/oauth2/server/authorization/client/oauth2-registered-client-schema.sql")
80+
.build();
81+
}
82+
83+
@After
84+
public void tearDown() {
85+
jdbcOperations.update("truncate table oauth2_authorization");
86+
jdbcOperations.update("truncate table oauth2_registered_client");
87+
}
88+
89+
@AfterClass
90+
public static void destroy() {
91+
db.shutdown();
6392
}
6493

6594
@Test
@@ -77,9 +106,16 @@ public void requestWhenAuthorizationServerMetadataRequestAndIssuerSetThenReturnM
77106
static class AuthorizationServerConfiguration {
78107

79108
@Bean
80-
RegisteredClientRepository registeredClientRepository() {
109+
RegisteredClientRepository registeredClientRepository(JdbcOperations jdbcOperations) {
81110
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
82-
return new InMemoryRegisteredClientRepository(registeredClient);
111+
JdbcRegisteredClientRepository registeredClientRepository = new JdbcRegisteredClientRepository(jdbcOperations);
112+
registeredClientRepository.save(registeredClient);
113+
return registeredClientRepository;
114+
}
115+
116+
@Bean
117+
JdbcOperations jdbcOperations() {
118+
return new JdbcTemplate(db);
83119
}
84120

85121
@Bean

0 commit comments

Comments
 (0)