Fix tests for OIDC Provider Configuration Endpoint
Closes gh-1416
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -63,7 +63,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
@ExtendWith(SpringTestContextExtension.class)
|
||||
public class OidcProviderConfigurationTests {
|
||||
private static final String DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI = "/.well-known/openid-configuration";
|
||||
private static final String ISSUER_URL = "https://example.com/issuer1";
|
||||
private static final String ISSUER_URL = "https://example.com";
|
||||
|
||||
public final SpringTestContext spring = new SpringTestContext();
|
||||
|
||||
@@ -77,7 +77,7 @@ public class OidcProviderConfigurationTests {
|
||||
public void requestWhenConfigurationRequestAndIssuerSetThenReturnDefaultConfigurationResponse() throws Exception {
|
||||
this.spring.register(AuthorizationServerConfiguration.class).autowire();
|
||||
|
||||
this.mvc.perform(get(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI))
|
||||
this.mvc.perform(get(ISSUER_URL.concat(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI)))
|
||||
.andExpect(status().is2xxSuccessful())
|
||||
.andExpectAll(defaultConfigurationMatchers());
|
||||
}
|
||||
@@ -87,7 +87,7 @@ public class OidcProviderConfigurationTests {
|
||||
public void requestWhenConfigurationRequestAndUserAuthenticatedThenReturnConfigurationResponse() throws Exception {
|
||||
this.spring.register(AuthorizationServerConfiguration.class).autowire();
|
||||
|
||||
this.mvc.perform(get(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI)
|
||||
this.mvc.perform(get(ISSUER_URL.concat(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI))
|
||||
.with(user("user")))
|
||||
.andExpect(status().is2xxSuccessful())
|
||||
.andExpectAll(defaultConfigurationMatchers());
|
||||
@@ -98,7 +98,7 @@ public class OidcProviderConfigurationTests {
|
||||
public void requestWhenConfigurationRequestAndConfigurationCustomizerSetThenReturnCustomConfigurationResponse() throws Exception {
|
||||
this.spring.register(AuthorizationServerConfigurationWithProviderConfigurationCustomizer.class).autowire();
|
||||
|
||||
this.mvc.perform(get(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI))
|
||||
this.mvc.perform(get(ISSUER_URL.concat(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI)))
|
||||
.andExpect(status().is2xxSuccessful())
|
||||
.andExpect(jsonPath(OAuth2AuthorizationServerMetadataClaimNames.SCOPES_SUPPORTED,
|
||||
hasItems(OidcScopes.OPENID, OidcScopes.PROFILE, OidcScopes.EMAIL)));
|
||||
@@ -108,7 +108,7 @@ public class OidcProviderConfigurationTests {
|
||||
public void requestWhenConfigurationRequestAndClientRegistrationEnabledThenConfigurationResponseIncludesRegistrationEndpoint() throws Exception {
|
||||
this.spring.register(AuthorizationServerConfigurationWithClientRegistrationEnabled.class).autowire();
|
||||
|
||||
this.mvc.perform(get(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI))
|
||||
this.mvc.perform(get(ISSUER_URL.concat(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI)))
|
||||
.andExpect(status().is2xxSuccessful())
|
||||
.andExpectAll(defaultConfigurationMatchers())
|
||||
.andExpect(jsonPath("$.registration_endpoint").value(ISSUER_URL.concat(this.authorizationServerSettings.getOidcClientRegistrationEndpoint())));
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -37,10 +37,10 @@ import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException
|
||||
public class OidcProviderConfigurationTests {
|
||||
private final OidcProviderConfiguration.Builder minimalConfigurationBuilder =
|
||||
OidcProviderConfiguration.builder()
|
||||
.issuer("https://example.com/issuer1")
|
||||
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/issuer1/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/issuer1/oauth2/jwks")
|
||||
.issuer("https://example.com")
|
||||
.authorizationEndpoint("https://example.com/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/oauth2/jwks")
|
||||
.scope("openid")
|
||||
.responseType("code")
|
||||
.subjectType("public")
|
||||
@@ -49,54 +49,54 @@ public class OidcProviderConfigurationTests {
|
||||
@Test
|
||||
public void buildWhenAllRequiredClaimsAndAdditionalClaimsThenCreated() {
|
||||
OidcProviderConfiguration providerConfiguration = OidcProviderConfiguration.builder()
|
||||
.issuer("https://example.com/issuer1")
|
||||
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/issuer1/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/issuer1/oauth2/jwks")
|
||||
.issuer("https://example.com")
|
||||
.authorizationEndpoint("https://example.com/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/oauth2/jwks")
|
||||
.scope("openid")
|
||||
.responseType("code")
|
||||
.grantType("authorization_code")
|
||||
.grantType("client_credentials")
|
||||
.subjectType("public")
|
||||
.idTokenSigningAlgorithm("RS256")
|
||||
.userInfoEndpoint("https://example.com/issuer1/userinfo")
|
||||
.userInfoEndpoint("https://example.com/userinfo")
|
||||
.tokenEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue())
|
||||
.clientRegistrationEndpoint("https://example.com/issuer1/connect/register")
|
||||
.clientRegistrationEndpoint("https://example.com/connect/register")
|
||||
.claim("a-claim", "a-value")
|
||||
.build();
|
||||
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(url("https://example.com/issuer1"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(url("https://example.com/issuer1/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(url("https://example.com"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(url("https://example.com/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(url("https://example.com/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getScopes()).containsExactly("openid");
|
||||
assertThat(providerConfiguration.getResponseTypes()).containsExactly("code");
|
||||
assertThat(providerConfiguration.getGrantTypes()).containsExactlyInAnyOrder("authorization_code", "client_credentials");
|
||||
assertThat(providerConfiguration.getSubjectTypes()).containsExactly("public");
|
||||
assertThat(providerConfiguration.getIdTokenSigningAlgorithms()).containsExactly("RS256");
|
||||
assertThat(providerConfiguration.getUserInfoEndpoint()).isEqualTo(url("https://example.com/issuer1/userinfo"));
|
||||
assertThat(providerConfiguration.getUserInfoEndpoint()).isEqualTo(url("https://example.com/userinfo"));
|
||||
assertThat(providerConfiguration.getTokenEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue());
|
||||
assertThat(providerConfiguration.getClientRegistrationEndpoint()).isEqualTo(url("https://example.com/issuer1/connect/register"));
|
||||
assertThat(providerConfiguration.getClientRegistrationEndpoint()).isEqualTo(url("https://example.com/connect/register"));
|
||||
assertThat(providerConfiguration.<String>getClaim("a-claim")).isEqualTo("a-value");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void buildWhenOnlyRequiredClaimsThenCreated() {
|
||||
OidcProviderConfiguration providerConfiguration = OidcProviderConfiguration.builder()
|
||||
.issuer("https://example.com/issuer1")
|
||||
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/issuer1/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/issuer1/oauth2/jwks")
|
||||
.issuer("https://example.com")
|
||||
.authorizationEndpoint("https://example.com/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/oauth2/jwks")
|
||||
.scope("openid")
|
||||
.responseType("code")
|
||||
.subjectType("public")
|
||||
.idTokenSigningAlgorithm("RS256")
|
||||
.build();
|
||||
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(url("https://example.com/issuer1"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(url("https://example.com/issuer1/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(url("https://example.com"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(url("https://example.com/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(url("https://example.com/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getScopes()).containsExactly("openid");
|
||||
assertThat(providerConfiguration.getResponseTypes()).containsExactly("code");
|
||||
assertThat(providerConfiguration.getGrantTypes()).isNull();
|
||||
@@ -108,64 +108,64 @@ public class OidcProviderConfigurationTests {
|
||||
@Test
|
||||
public void buildWhenClaimsProvidedThenCreated() {
|
||||
Map<String, Object> claims = new HashMap<>();
|
||||
claims.put(OidcProviderMetadataClaimNames.ISSUER, "https://example.com/issuer1");
|
||||
claims.put(OidcProviderMetadataClaimNames.AUTHORIZATION_ENDPOINT, "https://example.com/issuer1/oauth2/authorize");
|
||||
claims.put(OidcProviderMetadataClaimNames.TOKEN_ENDPOINT, "https://example.com/issuer1/oauth2/token");
|
||||
claims.put(OidcProviderMetadataClaimNames.JWKS_URI, "https://example.com/issuer1/oauth2/jwks");
|
||||
claims.put(OidcProviderMetadataClaimNames.ISSUER, "https://example.com");
|
||||
claims.put(OidcProviderMetadataClaimNames.AUTHORIZATION_ENDPOINT, "https://example.com/oauth2/authorize");
|
||||
claims.put(OidcProviderMetadataClaimNames.TOKEN_ENDPOINT, "https://example.com/oauth2/token");
|
||||
claims.put(OidcProviderMetadataClaimNames.JWKS_URI, "https://example.com/oauth2/jwks");
|
||||
claims.put(OidcProviderMetadataClaimNames.SCOPES_SUPPORTED, Collections.singletonList("openid"));
|
||||
claims.put(OidcProviderMetadataClaimNames.RESPONSE_TYPES_SUPPORTED, Collections.singletonList("code"));
|
||||
claims.put(OidcProviderMetadataClaimNames.SUBJECT_TYPES_SUPPORTED, Collections.singletonList("public"));
|
||||
claims.put(OidcProviderMetadataClaimNames.ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED, Collections.singletonList("RS256"));
|
||||
claims.put(OidcProviderMetadataClaimNames.USER_INFO_ENDPOINT, "https://example.com/issuer1/userinfo");
|
||||
claims.put(OidcProviderMetadataClaimNames.REGISTRATION_ENDPOINT, "https://example.com/issuer1/connect/register");
|
||||
claims.put(OidcProviderMetadataClaimNames.USER_INFO_ENDPOINT, "https://example.com/userinfo");
|
||||
claims.put(OidcProviderMetadataClaimNames.REGISTRATION_ENDPOINT, "https://example.com/connect/register");
|
||||
claims.put("some-claim", "some-value");
|
||||
|
||||
OidcProviderConfiguration providerConfiguration = OidcProviderConfiguration.withClaims(claims).build();
|
||||
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(url("https://example.com/issuer1"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(url("https://example.com/issuer1/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(url("https://example.com"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(url("https://example.com/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(url("https://example.com/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getScopes()).containsExactly("openid");
|
||||
assertThat(providerConfiguration.getResponseTypes()).containsExactly("code");
|
||||
assertThat(providerConfiguration.getGrantTypes()).isNull();
|
||||
assertThat(providerConfiguration.getSubjectTypes()).containsExactly("public");
|
||||
assertThat(providerConfiguration.getIdTokenSigningAlgorithms()).containsExactly("RS256");
|
||||
assertThat(providerConfiguration.getUserInfoEndpoint()).isEqualTo(url("https://example.com/issuer1/userinfo"));
|
||||
assertThat(providerConfiguration.getUserInfoEndpoint()).isEqualTo(url("https://example.com/userinfo"));
|
||||
assertThat(providerConfiguration.getTokenEndpointAuthenticationMethods()).isNull();
|
||||
assertThat(providerConfiguration.getClientRegistrationEndpoint()).isEqualTo(url("https://example.com/issuer1/connect/register"));
|
||||
assertThat(providerConfiguration.getClientRegistrationEndpoint()).isEqualTo(url("https://example.com/connect/register"));
|
||||
assertThat(providerConfiguration.<String>getClaim("some-claim")).isEqualTo("some-value");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void buildWhenClaimsProvidedWithUrlsThenCreated() {
|
||||
Map<String, Object> claims = new HashMap<>();
|
||||
claims.put(OidcProviderMetadataClaimNames.ISSUER, url("https://example.com/issuer1"));
|
||||
claims.put(OidcProviderMetadataClaimNames.AUTHORIZATION_ENDPOINT, url("https://example.com/issuer1/oauth2/authorize"));
|
||||
claims.put(OidcProviderMetadataClaimNames.TOKEN_ENDPOINT, url("https://example.com/issuer1/oauth2/token"));
|
||||
claims.put(OidcProviderMetadataClaimNames.JWKS_URI, url("https://example.com/issuer1/oauth2/jwks"));
|
||||
claims.put(OidcProviderMetadataClaimNames.ISSUER, url("https://example.com"));
|
||||
claims.put(OidcProviderMetadataClaimNames.AUTHORIZATION_ENDPOINT, url("https://example.com/oauth2/authorize"));
|
||||
claims.put(OidcProviderMetadataClaimNames.TOKEN_ENDPOINT, url("https://example.com/oauth2/token"));
|
||||
claims.put(OidcProviderMetadataClaimNames.JWKS_URI, url("https://example.com/oauth2/jwks"));
|
||||
claims.put(OidcProviderMetadataClaimNames.SCOPES_SUPPORTED, Collections.singletonList("openid"));
|
||||
claims.put(OidcProviderMetadataClaimNames.RESPONSE_TYPES_SUPPORTED, Collections.singletonList("code"));
|
||||
claims.put(OidcProviderMetadataClaimNames.SUBJECT_TYPES_SUPPORTED, Collections.singletonList("public"));
|
||||
claims.put(OidcProviderMetadataClaimNames.ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED, Collections.singletonList("RS256"));
|
||||
claims.put(OidcProviderMetadataClaimNames.USER_INFO_ENDPOINT, url("https://example.com/issuer1/userinfo"));
|
||||
claims.put(OidcProviderMetadataClaimNames.REGISTRATION_ENDPOINT, url("https://example.com/issuer1/connect/register"));
|
||||
claims.put(OidcProviderMetadataClaimNames.USER_INFO_ENDPOINT, url("https://example.com/userinfo"));
|
||||
claims.put(OidcProviderMetadataClaimNames.REGISTRATION_ENDPOINT, url("https://example.com/connect/register"));
|
||||
claims.put("some-claim", "some-value");
|
||||
|
||||
OidcProviderConfiguration providerConfiguration = OidcProviderConfiguration.withClaims(claims).build();
|
||||
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(url("https://example.com/issuer1"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(url("https://example.com/issuer1/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(url("https://example.com"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(url("https://example.com/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(url("https://example.com/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getScopes()).containsExactly("openid");
|
||||
assertThat(providerConfiguration.getResponseTypes()).containsExactly("code");
|
||||
assertThat(providerConfiguration.getGrantTypes()).isNull();
|
||||
assertThat(providerConfiguration.getSubjectTypes()).containsExactly("public");
|
||||
assertThat(providerConfiguration.getIdTokenSigningAlgorithms()).containsExactly("RS256");
|
||||
assertThat(providerConfiguration.getUserInfoEndpoint()).isEqualTo(url("https://example.com/issuer1/userinfo"));
|
||||
assertThat(providerConfiguration.getUserInfoEndpoint()).isEqualTo(url("https://example.com/userinfo"));
|
||||
assertThat(providerConfiguration.getTokenEndpointAuthenticationMethods()).isNull();
|
||||
assertThat(providerConfiguration.getClientRegistrationEndpoint()).isEqualTo(url("https://example.com/issuer1/connect/register"));
|
||||
assertThat(providerConfiguration.getClientRegistrationEndpoint()).isEqualTo(url("https://example.com/connect/register"));
|
||||
assertThat(providerConfiguration.<String>getClaim("some-claim")).isEqualTo("some-value");
|
||||
}
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -61,10 +61,10 @@ public class OidcProviderConfigurationHttpMessageConverterTests {
|
||||
public void readInternalWhenRequiredParametersThenSuccess() throws Exception {
|
||||
// @formatter:off
|
||||
String providerConfigurationResponse = "{\n"
|
||||
+ " \"issuer\": \"https://example.com/issuer1\",\n"
|
||||
+ " \"authorization_endpoint\": \"https://example.com/issuer1/oauth2/authorize\",\n"
|
||||
+ " \"token_endpoint\": \"https://example.com/issuer1/oauth2/token\",\n"
|
||||
+ " \"jwks_uri\": \"https://example.com/issuer1/oauth2/jwks\",\n"
|
||||
+ " \"issuer\": \"https://example.com\",\n"
|
||||
+ " \"authorization_endpoint\": \"https://example.com/oauth2/authorize\",\n"
|
||||
+ " \"token_endpoint\": \"https://example.com/oauth2/token\",\n"
|
||||
+ " \"jwks_uri\": \"https://example.com/oauth2/jwks\",\n"
|
||||
+ " \"response_types_supported\": [\"code\"],\n"
|
||||
+ " \"subject_types_supported\": [\"public\"],\n"
|
||||
+ " \"id_token_signing_alg_values_supported\": [\"RS256\"]\n"
|
||||
@@ -74,10 +74,10 @@ public class OidcProviderConfigurationHttpMessageConverterTests {
|
||||
OidcProviderConfiguration providerConfiguration = this.messageConverter
|
||||
.readInternal(OidcProviderConfiguration.class, response);
|
||||
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(new URL("https://example.com/issuer1"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(new URL("https://example.com/issuer1/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(new URL("https://example.com"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(new URL("https://example.com/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(new URL("https://example.com/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(new URL("https://example.com/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getResponseTypes()).containsExactly("code");
|
||||
assertThat(providerConfiguration.getSubjectTypes()).containsExactly("public");
|
||||
assertThat(providerConfiguration.getIdTokenSigningAlgorithms()).containsExactly("RS256");
|
||||
@@ -90,11 +90,11 @@ public class OidcProviderConfigurationHttpMessageConverterTests {
|
||||
public void readInternalWhenValidParametersThenSuccess() throws Exception {
|
||||
// @formatter:off
|
||||
String providerConfigurationResponse = "{\n"
|
||||
+ " \"issuer\": \"https://example.com/issuer1\",\n"
|
||||
+ " \"authorization_endpoint\": \"https://example.com/issuer1/oauth2/authorize\",\n"
|
||||
+ " \"token_endpoint\": \"https://example.com/issuer1/oauth2/token\",\n"
|
||||
+ " \"jwks_uri\": \"https://example.com/issuer1/oauth2/jwks\",\n"
|
||||
+ " \"userinfo_endpoint\": \"https://example.com/issuer1/userinfo\",\n"
|
||||
+ " \"issuer\": \"https://example.com\",\n"
|
||||
+ " \"authorization_endpoint\": \"https://example.com/oauth2/authorize\",\n"
|
||||
+ " \"token_endpoint\": \"https://example.com/oauth2/token\",\n"
|
||||
+ " \"jwks_uri\": \"https://example.com/oauth2/jwks\",\n"
|
||||
+ " \"userinfo_endpoint\": \"https://example.com/userinfo\",\n"
|
||||
+ " \"scopes_supported\": [\"openid\"],\n"
|
||||
+ " \"response_types_supported\": [\"code\"],\n"
|
||||
+ " \"grant_types_supported\": [\"authorization_code\", \"client_credentials\"],\n"
|
||||
@@ -109,11 +109,11 @@ public class OidcProviderConfigurationHttpMessageConverterTests {
|
||||
OidcProviderConfiguration providerConfiguration = this.messageConverter
|
||||
.readInternal(OidcProviderConfiguration.class, response);
|
||||
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(new URL("https://example.com/issuer1"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(new URL("https://example.com/issuer1/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getUserInfoEndpoint()).isEqualTo(new URL("https://example.com/issuer1/userinfo"));
|
||||
assertThat(providerConfiguration.getIssuer()).isEqualTo(new URL("https://example.com"));
|
||||
assertThat(providerConfiguration.getAuthorizationEndpoint()).isEqualTo(new URL("https://example.com/oauth2/authorize"));
|
||||
assertThat(providerConfiguration.getTokenEndpoint()).isEqualTo(new URL("https://example.com/oauth2/token"));
|
||||
assertThat(providerConfiguration.getJwkSetUrl()).isEqualTo(new URL("https://example.com/oauth2/jwks"));
|
||||
assertThat(providerConfiguration.getUserInfoEndpoint()).isEqualTo(new URL("https://example.com/userinfo"));
|
||||
assertThat(providerConfiguration.getScopes()).containsExactly("openid");
|
||||
assertThat(providerConfiguration.getResponseTypes()).containsExactly("code");
|
||||
assertThat(providerConfiguration.getGrantTypes()).containsExactlyInAnyOrder("authorization_code", "client_credentials");
|
||||
@@ -153,11 +153,11 @@ public class OidcProviderConfigurationHttpMessageConverterTests {
|
||||
public void writeInternalWhenProviderConfigurationThenSuccess() {
|
||||
OidcProviderConfiguration providerConfiguration =
|
||||
OidcProviderConfiguration.builder()
|
||||
.issuer("https://example.com/issuer1")
|
||||
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/issuer1/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/issuer1/oauth2/jwks")
|
||||
.userInfoEndpoint("https://example.com/issuer1/userinfo")
|
||||
.issuer("https://example.com")
|
||||
.authorizationEndpoint("https://example.com/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/oauth2/jwks")
|
||||
.userInfoEndpoint("https://example.com/userinfo")
|
||||
.scope("openid")
|
||||
.responseType("code")
|
||||
.grantType("authorization_code")
|
||||
@@ -173,11 +173,11 @@ public class OidcProviderConfigurationHttpMessageConverterTests {
|
||||
this.messageConverter.writeInternal(providerConfiguration, outputMessage);
|
||||
|
||||
String providerConfigurationResponse = outputMessage.getBodyAsString();
|
||||
assertThat(providerConfigurationResponse).contains("\"issuer\":\"https://example.com/issuer1\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"authorization_endpoint\":\"https://example.com/issuer1/oauth2/authorize\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"token_endpoint\":\"https://example.com/issuer1/oauth2/token\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"jwks_uri\":\"https://example.com/issuer1/oauth2/jwks\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"userinfo_endpoint\":\"https://example.com/issuer1/userinfo\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"issuer\":\"https://example.com\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"authorization_endpoint\":\"https://example.com/oauth2/authorize\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"token_endpoint\":\"https://example.com/oauth2/token\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"jwks_uri\":\"https://example.com/oauth2/jwks\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"userinfo_endpoint\":\"https://example.com/userinfo\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"scopes_supported\":[\"openid\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"response_types_supported\":[\"code\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"grant_types_supported\":[\"authorization_code\",\"client_credentials\"]");
|
||||
@@ -199,10 +199,10 @@ public class OidcProviderConfigurationHttpMessageConverterTests {
|
||||
|
||||
OidcProviderConfiguration providerConfiguration =
|
||||
OidcProviderConfiguration.builder()
|
||||
.issuer("https://example.com/issuer1")
|
||||
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/issuer1/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/issuer1/oauth2/jwks")
|
||||
.issuer("https://example.com")
|
||||
.authorizationEndpoint("https://example.com/oauth2/authorize")
|
||||
.tokenEndpoint("https://example.com/oauth2/token")
|
||||
.jwkSetUrl("https://example.com/oauth2/jwks")
|
||||
.responseType("code")
|
||||
.subjectType("public")
|
||||
.idTokenSigningAlgorithm("RS256")
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -87,7 +87,7 @@ public class OidcProviderConfigurationEndpointFilterTests {
|
||||
|
||||
@Test
|
||||
public void doFilterWhenConfigurationRequestThenConfigurationResponse() throws Exception {
|
||||
String issuer = "https://example.com/issuer1";
|
||||
String issuer = "https://example.com";
|
||||
String authorizationEndpoint = "/oauth2/v1/authorize";
|
||||
String tokenEndpoint = "/oauth2/v1/token";
|
||||
String jwkSetEndpoint = "/oauth2/v1/jwks";
|
||||
@@ -118,20 +118,20 @@ public class OidcProviderConfigurationEndpointFilterTests {
|
||||
|
||||
assertThat(response.getContentType()).isEqualTo(MediaType.APPLICATION_JSON_VALUE);
|
||||
String providerConfigurationResponse = response.getContentAsString();
|
||||
assertThat(providerConfigurationResponse).contains("\"issuer\":\"https://example.com/issuer1\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"authorization_endpoint\":\"https://example.com/issuer1/oauth2/v1/authorize\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"token_endpoint\":\"https://example.com/issuer1/oauth2/v1/token\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"jwks_uri\":\"https://example.com/issuer1/oauth2/v1/jwks\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"issuer\":\"https://example.com\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"authorization_endpoint\":\"https://example.com/oauth2/v1/authorize\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"token_endpoint\":\"https://example.com/oauth2/v1/token\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"jwks_uri\":\"https://example.com/oauth2/v1/jwks\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"scopes_supported\":[\"openid\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"response_types_supported\":[\"code\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"grant_types_supported\":[\"authorization_code\",\"client_credentials\",\"refresh_token\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"revocation_endpoint\":\"https://example.com/issuer1/oauth2/v1/revoke\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"revocation_endpoint\":\"https://example.com/oauth2/v1/revoke\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"revocation_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"introspection_endpoint\":\"https://example.com/issuer1/oauth2/v1/introspect\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"introspection_endpoint\":\"https://example.com/oauth2/v1/introspect\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"introspection_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"subject_types_supported\":[\"public\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"id_token_signing_alg_values_supported\":[\"RS256\"]");
|
||||
assertThat(providerConfigurationResponse).contains("\"userinfo_endpoint\":\"https://example.com/issuer1/userinfo\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"userinfo_endpoint\":\"https://example.com/userinfo\"");
|
||||
assertThat(providerConfigurationResponse).contains("\"token_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user