Opaque Token Support

Fixes: gh-5200
This commit is contained in:
Josh Cummings
2018-10-11 15:20:02 -06:00
parent 594a169798
commit ef9c3e4771
9 changed files with 996 additions and 20 deletions

View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 the original author or authors.
* Copyright 2002-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -1109,7 +1109,7 @@ public class OAuth2ResourceServerConfigurerTests {
assertThatCode(() -> this.spring.register(JwtlessConfig.class).autowire())
.isInstanceOf(BeanCreationException.class)
.hasMessageContaining("no Jwt configuration was found");
.hasMessageContaining("neither was found");
}
@Test
@@ -1120,6 +1120,13 @@ public class OAuth2ResourceServerConfigurerTests {
.hasMessageContaining("No qualifying bean of type");
}
@Test
public void configureWhenUsingBothJwtAndOpaqueThenWiringException() {
assertThatCode(() -> this.spring.register(OpaqueAndJwtConfig.class).autowire())
.isInstanceOf(BeanCreationException.class)
.hasMessageContaining("Spring Security only supports JWTs or Opaque Tokens");
}
// -- support
@EnableWebSecurity
@@ -1623,6 +1630,19 @@ public class OAuth2ResourceServerConfigurerTests {
}
}
@EnableWebSecurity
static class OpaqueAndJwtConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http
.oauth2ResourceServer()
.jwt()
.and()
.opaqueToken();
}
}
@Configuration
static class JwtDecoderConfig {
@Bean