Add Support for JWK Signature Algorithm Discovery

Issue gh-7160
This commit is contained in:
Nick Hitchan
2020-06-23 20:11:10 -04:00
committed by Josh Cummings
parent 4ffc3d6ceb
commit 290786438c
13 changed files with 229 additions and 12 deletions

View File

@@ -223,6 +223,7 @@ public class OAuth2ResourceServerConfigurerTests {
public void getWhenUsingJwkSetUriThenAcceptsRequest() throws Exception {
this.spring.register(WebServerConfig.class, JwkSetUriConfig.class, BasicController.class).autowire();
mockWebServer(jwks("Default"));
mockWebServer(jwks("Default"));
String token = this.token("ValidNoScopes");
// @formatter:off
this.mvc.perform(get("/").with(bearerToken(token)))
@@ -235,6 +236,7 @@ public class OAuth2ResourceServerConfigurerTests {
public void getWhenUsingJwkSetUriInLambdaThenAcceptsRequest() throws Exception {
this.spring.register(WebServerConfig.class, JwkSetUriInLambdaConfig.class, BasicController.class).autowire();
mockWebServer(jwks("Default"));
mockWebServer(jwks("Default"));
String token = this.token("ValidNoScopes");
// @formatter:off
this.mvc.perform(get("/").with(bearerToken(token)))
@@ -1185,6 +1187,7 @@ public class OAuth2ResourceServerConfigurerTests {
String jwtThree = jwtFromIssuer(issuerThree);
mockWebServer(String.format(metadata, issuerOne, issuerOne));
mockWebServer(jwkSet);
mockWebServer(jwkSet);
// @formatter:off
this.mvc.perform(get("/authenticated").with(bearerToken(jwtOne)))
.andExpect(status().isOk())
@@ -1192,6 +1195,7 @@ public class OAuth2ResourceServerConfigurerTests {
// @formatter:on
mockWebServer(String.format(metadata, issuerTwo, issuerTwo));
mockWebServer(jwkSet);
mockWebServer(jwkSet);
// @formatter:off
this.mvc.perform(get("/authenticated").with(bearerToken(jwtTwo)))
.andExpect(status().isOk())

View File

@@ -148,6 +148,7 @@ public class OAuth2ResourceServerBeanDefinitionParserTests {
public void getWhenUsingJwkSetUriThenAcceptsRequest() throws Exception {
this.spring.configLocations(xml("WebServer"), xml("JwkSetUri")).autowire();
mockWebServer(jwks("Default"));
mockWebServer(jwks("Default"));
String token = this.token("ValidNoScopes");
// @formatter:off
this.mvc.perform(get("/").header("Authorization", "Bearer " + token))
@@ -709,18 +710,21 @@ public class OAuth2ResourceServerBeanDefinitionParserTests {
String jwtThree = jwtFromIssuer(issuerThree);
mockWebServer(String.format(metadata, issuerOne, issuerOne));
mockWebServer(jwkSet);
mockWebServer(jwkSet);
// @formatter:off
this.mvc.perform(get("/authenticated").header("Authorization", "Bearer " + jwtOne))
.andExpect(status().isNotFound());
// @formatter:on
mockWebServer(String.format(metadata, issuerTwo, issuerTwo));
mockWebServer(jwkSet);
mockWebServer(jwkSet);
// @formatter:off
this.mvc.perform(get("/authenticated").header("Authorization", "Bearer " + jwtTwo))
.andExpect(status().isNotFound());
// @formatter:on
mockWebServer(String.format(metadata, issuerThree, issuerThree));
mockWebServer(jwkSet);
mockWebServer(jwkSet);
// @formatter:off
this.mvc.perform(get("/authenticated").header("Authorization", "Bearer " + jwtThree))
.andExpect(status().isUnauthorized())

View File

@@ -261,6 +261,7 @@ public class OAuth2ResourceServerSpecTests {
this.spring.register(JwkSetUriConfig.class, RootController.class).autowire();
MockWebServer mockWebServer = this.spring.getContext().getBean(MockWebServer.class);
mockWebServer.enqueue(new MockResponse().setBody(this.jwkSet));
mockWebServer.enqueue(new MockResponse().setBody(this.jwkSet));
// @formatter:off
this.client.get()
.headers((headers) -> headers
@@ -276,6 +277,7 @@ public class OAuth2ResourceServerSpecTests {
this.spring.register(JwkSetUriInLambdaConfig.class, RootController.class).autowire();
MockWebServer mockWebServer = this.spring.getContext().getBean(MockWebServer.class);
mockWebServer.enqueue(new MockResponse().setBody(this.jwkSet));
mockWebServer.enqueue(new MockResponse().setBody(this.jwkSet));
// @formatter:off
this.client.get()
.headers((headers) -> headers