Enabling OAuth2 Credentials AT

Including clients.write as an authority to the ATs client
This commit is contained in:
Alberto Rios
2019-05-15 10:35:11 +02:00
committed by Alberto Ríos
parent 283819aeec
commit 84fad7e3ec
3 changed files with 3 additions and 24 deletions

View File

@@ -68,9 +68,6 @@ import org.springframework.web.client.RestTemplate;
import org.springframework.web.reactive.function.client.WebClient;
import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.cloud.appbroker.acceptance.fixtures.cf.CloudFoundryClientConfiguration.ACCEPTANCE_TEST_OAUTH_CLIENT_AUTHORITIES;
import static org.springframework.cloud.appbroker.acceptance.fixtures.cf.CloudFoundryClientConfiguration.ACCEPTANCE_TEST_OAUTH_CLIENT_ID;
import static org.springframework.cloud.appbroker.acceptance.fixtures.cf.CloudFoundryClientConfiguration.ACCEPTANCE_TEST_OAUTH_CLIENT_SECRET;
import static org.springframework.cloud.appbroker.acceptance.fixtures.cf.CloudFoundryClientConfiguration.APP_BROKER_CLIENT_AUTHORITIES;
import static org.springframework.cloud.appbroker.acceptance.fixtures.cf.CloudFoundryClientConfiguration.APP_BROKER_CLIENT_SECRET;
@@ -186,10 +183,6 @@ abstract class CloudFoundryAcceptanceTest {
.getOrCreateDefaultSpace()
.map(SpaceSummary::getId)
.flatMap(spaceId -> cleanup(orgId, spaceId)
.then(uaaService.createClient(
ACCEPTANCE_TEST_OAUTH_CLIENT_ID,
ACCEPTANCE_TEST_OAUTH_CLIENT_SECRET,
ACCEPTANCE_TEST_OAUTH_CLIENT_AUTHORITIES))
.then(uaaService.createClient(
brokerClientId(),
APP_BROKER_CLIENT_SECRET,

View File

@@ -22,13 +22,10 @@ import com.jayway.jsonpath.DocumentContext;
import org.cloudfoundry.operations.applications.ApplicationSummary;
import org.cloudfoundry.uaa.clients.GetClientResponse;
import org.cloudfoundry.uaa.tokens.GrantType;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test;
import static org.assertj.core.api.Assertions.assertThat;
@Disabled("This test can only be run with a Cloud Foundry user or client that has 'client.write' authority, " +
"so it should not be run in CI")
class CreateInstanceWithOAuth2CredentialsAcceptanceTest extends CloudFoundryAcceptanceTest {
private static final String APP_NAME = "app-create-oauth2";
@@ -84,9 +81,9 @@ class CreateInstanceWithOAuth2CredentialsAcceptanceTest extends CloudFoundryAcce
// and has the environment variables
DocumentContext json = getSpringAppJson(APP_NAME);
assertThat(json.read("$.spring.security.oauth2.client.registration.sample-app-client.client-id").toString())
assertThat(json.read("$.['spring.security.oauth2.client.registration.sample-app-client.client-id']").toString())
.isEqualTo(uaaClientId(serviceInstanceGuid));
assertThat(json.read("$.spring.security.oauth2.client.registration.sample-app-client.client-secret").toString())
assertThat(json.read("$.['spring.security.oauth2.client.registration.sample-app-client.client-secret']").toString())
.matches("[a-zA-Z]{12}");
// and a UAA client is created

View File

@@ -42,20 +42,9 @@ import org.springframework.context.annotation.Configuration;
@EnableConfigurationProperties(CloudFoundryProperties.class)
public class CloudFoundryClientConfiguration {
public static final String ACCEPTANCE_TEST_OAUTH_CLIENT_ID = "acceptance-test-client";
public static final String ACCEPTANCE_TEST_OAUTH_CLIENT_SECRET = "acceptance-test-client-secret";
public static final String[] ACCEPTANCE_TEST_OAUTH_CLIENT_AUTHORITIES = {
"openid",
"cloud_controller.admin",
"cloud_controller.read",
"cloud_controller.write",
"clients.read",
"clients.write"
};
public static final String APP_BROKER_CLIENT_SECRET = "app-broker-client-secret";
public static final String[] APP_BROKER_CLIENT_AUTHORITIES = {
"cloud_controller.read", "cloud_controller.write"
"cloud_controller.read", "cloud_controller.write", "clients.write"
};
@Bean