
Merge branch '0.4.x' into 1.0.x

Closes gh-1420
1.0.x
Joe Grandja 2 years ago
parent
commit
668ad6ce59
  1. 92
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationServerMetadataTests.java
  2. 14
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerMetadataTests.java
  3. 68
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/http/converter/OAuth2AuthorizationServerMetadataHttpMessageConverterTests.java
  4. 16
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationServerMetadataEndpointFilterTests.java

92
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationServerMetadataTests.java

@ -1,5 +1,5 @@
/* /*
* Copyright 2020-2022 the original author or authors. * Copyright 2020-2023 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -38,43 +38,43 @@ public class OAuth2AuthorizationServerMetadataTests {
// @formatter:off // @formatter:off
private final Builder minimalBuilder = private final Builder minimalBuilder =
OAuth2AuthorizationServerMetadata.builder() OAuth2AuthorizationServerMetadata.builder()
.issuer("https://example.com/issuer1") .issuer("https://example.com")
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize") .authorizationEndpoint("https://example.com/oauth2/authorize")
.tokenEndpoint("https://example.com/issuer1/oauth2/token") .tokenEndpoint("https://example.com/oauth2/token")
.responseType("code"); .responseType("code");
// @formatter:on // @formatter:on
@Test @Test
public void buildWhenAllClaimsProvidedThenCreated() { public void buildWhenAllClaimsProvidedThenCreated() {
OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata.builder() OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata.builder()
.issuer("https://example.com/issuer1") .issuer("https://example.com")
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize") .authorizationEndpoint("https://example.com/oauth2/authorize")
.tokenEndpoint("https://example.com/issuer1/oauth2/token") .tokenEndpoint("https://example.com/oauth2/token")
.tokenEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()) .tokenEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue())
.jwkSetUrl("https://example.com/issuer1/oauth2/jwks") .jwkSetUrl("https://example.com/oauth2/jwks")
.scope("openid") .scope("openid")
.responseType("code") .responseType("code")
.grantType("authorization_code") .grantType("authorization_code")
.grantType("client_credentials") .grantType("client_credentials")
.tokenRevocationEndpoint("https://example.com/issuer1/oauth2/revoke") .tokenRevocationEndpoint("https://example.com/oauth2/revoke")
.tokenRevocationEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()) .tokenRevocationEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue())
.tokenIntrospectionEndpoint("https://example.com/issuer1/oauth2/introspect") .tokenIntrospectionEndpoint("https://example.com/oauth2/introspect")
.tokenIntrospectionEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()) .tokenIntrospectionEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue())
.codeChallengeMethod("S256") .codeChallengeMethod("S256")
.claim("a-claim", "a-value") .claim("a-claim", "a-value")
.build(); .build();
assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(url("https://example.com/issuer1")); assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(url("https://example.com"));
assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/authorize")); assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/oauth2/authorize"));
assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/token")); assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(url("https://example.com/oauth2/token"));
assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()); assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue());
assertThat(authorizationServerMetadata.getJwkSetUrl()).isEqualTo(url("https://example.com/issuer1/oauth2/jwks")); assertThat(authorizationServerMetadata.getJwkSetUrl()).isEqualTo(url("https://example.com/oauth2/jwks"));
assertThat(authorizationServerMetadata.getScopes()).containsExactly("openid"); assertThat(authorizationServerMetadata.getScopes()).containsExactly("openid");
assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code"); assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code");
assertThat(authorizationServerMetadata.getGrantTypes()).containsExactlyInAnyOrder("authorization_code", "client_credentials"); assertThat(authorizationServerMetadata.getGrantTypes()).containsExactlyInAnyOrder("authorization_code", "client_credentials");
assertThat(authorizationServerMetadata.getTokenRevocationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/revoke")); assertThat(authorizationServerMetadata.getTokenRevocationEndpoint()).isEqualTo(url("https://example.com/oauth2/revoke"));
assertThat(authorizationServerMetadata.getTokenRevocationEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()); assertThat(authorizationServerMetadata.getTokenRevocationEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue());
assertThat(authorizationServerMetadata.getTokenIntrospectionEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/introspect")); assertThat(authorizationServerMetadata.getTokenIntrospectionEndpoint()).isEqualTo(url("https://example.com/oauth2/introspect"));
assertThat(authorizationServerMetadata.getTokenIntrospectionEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()); assertThat(authorizationServerMetadata.getTokenIntrospectionEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue());
assertThat(authorizationServerMetadata.getCodeChallengeMethods()).containsExactly("S256"); assertThat(authorizationServerMetadata.getCodeChallengeMethods()).containsExactly("S256");
assertThat(authorizationServerMetadata.getClaimAsString("a-claim")).isEqualTo("a-value"); assertThat(authorizationServerMetadata.getClaimAsString("a-claim")).isEqualTo("a-value");
@ -83,15 +83,15 @@ public class OAuth2AuthorizationServerMetadataTests {
@Test @Test
public void buildWhenOnlyRequiredClaimsProvidedThenCreated() { public void buildWhenOnlyRequiredClaimsProvidedThenCreated() {
OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata.builder() OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata.builder()
.issuer("https://example.com/issuer1") .issuer("https://example.com")
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize") .authorizationEndpoint("https://example.com/oauth2/authorize")
.tokenEndpoint("https://example.com/issuer1/oauth2/token") .tokenEndpoint("https://example.com/oauth2/token")
.responseType("code") .responseType("code")
.build(); .build();
assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(url("https://example.com/issuer1")); assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(url("https://example.com"));
assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/authorize")); assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/oauth2/authorize"));
assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/token")); assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(url("https://example.com/oauth2/token"));
assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).isNull(); assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).isNull();
assertThat(authorizationServerMetadata.getJwkSetUrl()).isNull(); assertThat(authorizationServerMetadata.getJwkSetUrl()).isNull();
assertThat(authorizationServerMetadata.getScopes()).isNull(); assertThat(authorizationServerMetadata.getScopes()).isNull();
@ -107,29 +107,29 @@ public class OAuth2AuthorizationServerMetadataTests {
@Test @Test
public void withClaimsWhenClaimsProvidedThenCreated() { public void withClaimsWhenClaimsProvidedThenCreated() {
HashMap<String, Object> claims = new HashMap<>(); HashMap<String, Object> claims = new HashMap<>();
claims.put(OAuth2AuthorizationServerMetadataClaimNames.ISSUER, "https://example.com/issuer1"); claims.put(OAuth2AuthorizationServerMetadataClaimNames.ISSUER, "https://example.com");
claims.put(OAuth2AuthorizationServerMetadataClaimNames.AUTHORIZATION_ENDPOINT, "https://example.com/issuer1/oauth2/authorize"); claims.put(OAuth2AuthorizationServerMetadataClaimNames.AUTHORIZATION_ENDPOINT, "https://example.com/oauth2/authorize");
claims.put(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT, "https://example.com/issuer1/oauth2/token"); claims.put(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT, "https://example.com/oauth2/token");
claims.put(OAuth2AuthorizationServerMetadataClaimNames.JWKS_URI, "https://example.com/issuer1/oauth2/jwks"); claims.put(OAuth2AuthorizationServerMetadataClaimNames.JWKS_URI, "https://example.com/oauth2/jwks");
claims.put(OAuth2AuthorizationServerMetadataClaimNames.SCOPES_SUPPORTED, Collections.singletonList("openid")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.SCOPES_SUPPORTED, Collections.singletonList("openid"));
claims.put(OAuth2AuthorizationServerMetadataClaimNames.RESPONSE_TYPES_SUPPORTED, Collections.singletonList("code")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.RESPONSE_TYPES_SUPPORTED, Collections.singletonList("code"));
claims.put(OAuth2AuthorizationServerMetadataClaimNames.REVOCATION_ENDPOINT, "https://example.com/issuer1/oauth2/revoke"); claims.put(OAuth2AuthorizationServerMetadataClaimNames.REVOCATION_ENDPOINT, "https://example.com/oauth2/revoke");
claims.put(OAuth2AuthorizationServerMetadataClaimNames.INTROSPECTION_ENDPOINT, "https://example.com/issuer1/oauth2/introspect"); claims.put(OAuth2AuthorizationServerMetadataClaimNames.INTROSPECTION_ENDPOINT, "https://example.com/oauth2/introspect");
claims.put("some-claim", "some-value"); claims.put("some-claim", "some-value");
OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata.withClaims(claims).build(); OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata.withClaims(claims).build();
assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(url("https://example.com/issuer1")); assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(url("https://example.com"));
assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/authorize")); assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/oauth2/authorize"));
assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/token")); assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(url("https://example.com/oauth2/token"));
assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).isNull(); assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).isNull();
assertThat(authorizationServerMetadata.getJwkSetUrl()).isEqualTo(url("https://example.com/issuer1/oauth2/jwks")); assertThat(authorizationServerMetadata.getJwkSetUrl()).isEqualTo(url("https://example.com/oauth2/jwks"));
assertThat(authorizationServerMetadata.getScopes()).containsExactly("openid"); assertThat(authorizationServerMetadata.getScopes()).containsExactly("openid");
assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code"); assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code");
assertThat(authorizationServerMetadata.getGrantTypes()).isNull(); assertThat(authorizationServerMetadata.getGrantTypes()).isNull();
assertThat(authorizationServerMetadata.getTokenRevocationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/revoke")); assertThat(authorizationServerMetadata.getTokenRevocationEndpoint()).isEqualTo(url("https://example.com/oauth2/revoke"));
assertThat(authorizationServerMetadata.getTokenRevocationEndpointAuthenticationMethods()).isNull(); assertThat(authorizationServerMetadata.getTokenRevocationEndpointAuthenticationMethods()).isNull();
assertThat(authorizationServerMetadata.getTokenIntrospectionEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/introspect")); assertThat(authorizationServerMetadata.getTokenIntrospectionEndpoint()).isEqualTo(url("https://example.com/oauth2/introspect"));
assertThat(authorizationServerMetadata.getTokenIntrospectionEndpointAuthenticationMethods()).isNull(); assertThat(authorizationServerMetadata.getTokenIntrospectionEndpointAuthenticationMethods()).isNull();
assertThat(authorizationServerMetadata.getCodeChallengeMethods()).isNull(); assertThat(authorizationServerMetadata.getCodeChallengeMethods()).isNull();
assertThat(authorizationServerMetadata.getClaimAsString("some-claim")).isEqualTo("some-value"); assertThat(authorizationServerMetadata.getClaimAsString("some-claim")).isEqualTo("some-value");
@ -138,28 +138,28 @@ public class OAuth2AuthorizationServerMetadataTests {
@Test @Test
public void withClaimsWhenClaimsWithUrlsProvidedThenCreated() { public void withClaimsWhenClaimsWithUrlsProvidedThenCreated() {
HashMap<String, Object> claims = new HashMap<>(); HashMap<String, Object> claims = new HashMap<>();
claims.put(OAuth2AuthorizationServerMetadataClaimNames.ISSUER, url("https://example.com/issuer1")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.ISSUER, url("https://example.com"));
claims.put(OAuth2AuthorizationServerMetadataClaimNames.AUTHORIZATION_ENDPOINT, url("https://example.com/issuer1/oauth2/authorize")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.AUTHORIZATION_ENDPOINT, url("https://example.com/oauth2/authorize"));
claims.put(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT, url("https://example.com/issuer1/oauth2/token")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT, url("https://example.com/oauth2/token"));
claims.put(OAuth2AuthorizationServerMetadataClaimNames.JWKS_URI, url("https://example.com/issuer1/oauth2/jwks")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.JWKS_URI, url("https://example.com/oauth2/jwks"));
claims.put(OAuth2AuthorizationServerMetadataClaimNames.RESPONSE_TYPES_SUPPORTED, Collections.singletonList("code")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.RESPONSE_TYPES_SUPPORTED, Collections.singletonList("code"));
claims.put(OAuth2AuthorizationServerMetadataClaimNames.REVOCATION_ENDPOINT, url("https://example.com/issuer1/oauth2/revoke")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.REVOCATION_ENDPOINT, url("https://example.com/oauth2/revoke"));
claims.put(OAuth2AuthorizationServerMetadataClaimNames.INTROSPECTION_ENDPOINT, url("https://example.com/issuer1/oauth2/introspect")); claims.put(OAuth2AuthorizationServerMetadataClaimNames.INTROSPECTION_ENDPOINT, url("https://example.com/oauth2/introspect"));
claims.put("some-claim", "some-value"); claims.put("some-claim", "some-value");
OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata.withClaims(claims).build(); OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata.withClaims(claims).build();
assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(url("https://example.com/issuer1")); assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(url("https://example.com"));
assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/authorize")); assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(url("https://example.com/oauth2/authorize"));
assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/token")); assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(url("https://example.com/oauth2/token"));
assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).isNull(); assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).isNull();
assertThat(authorizationServerMetadata.getJwkSetUrl()).isEqualTo(url("https://example.com/issuer1/oauth2/jwks")); assertThat(authorizationServerMetadata.getJwkSetUrl()).isEqualTo(url("https://example.com/oauth2/jwks"));
assertThat(authorizationServerMetadata.getScopes()).isNull(); assertThat(authorizationServerMetadata.getScopes()).isNull();
assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code"); assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code");
assertThat(authorizationServerMetadata.getGrantTypes()).isNull(); assertThat(authorizationServerMetadata.getGrantTypes()).isNull();
assertThat(authorizationServerMetadata.getTokenRevocationEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/revoke")); assertThat(authorizationServerMetadata.getTokenRevocationEndpoint()).isEqualTo(url("https://example.com/oauth2/revoke"));
assertThat(authorizationServerMetadata.getTokenRevocationEndpointAuthenticationMethods()).isNull(); assertThat(authorizationServerMetadata.getTokenRevocationEndpointAuthenticationMethods()).isNull();
assertThat(authorizationServerMetadata.getTokenIntrospectionEndpoint()).isEqualTo(url("https://example.com/issuer1/oauth2/introspect")); assertThat(authorizationServerMetadata.getTokenIntrospectionEndpoint()).isEqualTo(url("https://example.com/oauth2/introspect"));
assertThat(authorizationServerMetadata.getTokenIntrospectionEndpointAuthenticationMethods()).isNull(); assertThat(authorizationServerMetadata.getTokenIntrospectionEndpointAuthenticationMethods()).isNull();
assertThat(authorizationServerMetadata.getCodeChallengeMethods()).isNull(); assertThat(authorizationServerMetadata.getCodeChallengeMethods()).isNull();
assertThat(authorizationServerMetadata.getClaimAsString("some-claim")).isEqualTo("some-value"); assertThat(authorizationServerMetadata.getClaimAsString("some-claim")).isEqualTo("some-value");
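Review bot: Every fixture in this file now uses the root issuer `https://example.com`, so no test in the visible hunks builds an `OAuth2AuthorizationServerMetadata` whose issuer has a path component. RFC 8414 allows path components in the issuer identifier, and the removed `https://example.com/issuer1` values were the only cases here that exercised one. If path-bearing issuers remain supported on this branch, keep one small builder test with `.issuer("https://example.com/issuer1")` and a matching `getIssuer()` assertion. If they are intentionally unsupported, add a test that `build()` rejects such a value so the restriction is pinned. The test methods continue past the end of each hunk, so other assertions may exist that are not visible here.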

14
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerMetadataTests.java

@ -1,5 +1,5 @@
/* /*
* Copyright 2020-2022 the original author or authors. * Copyright 2020-2023 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -65,7 +65,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
@ExtendWith(SpringTestContextExtension.class) @ExtendWith(SpringTestContextExtension.class)
public class OAuth2AuthorizationServerMetadataTests { public class OAuth2AuthorizationServerMetadataTests {
private static final String DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI = "/.well-known/oauth-authorization-server"; private static final String DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI = "/.well-known/oauth-authorization-server";
private static final String issuerUrl = "https://example.com/issuer1"; private static final String ISSUER_URL = "https://example.com";
private static EmbeddedDatabase db; private static EmbeddedDatabase db;
private static JWKSource<SecurityContext> jwkSource; private static JWKSource<SecurityContext> jwkSource;
@ -105,9 +105,9 @@ public class OAuth2AuthorizationServerMetadataTests {
public void requestWhenAuthorizationServerMetadataRequestAndIssuerSetThenUsed() throws Exception { public void requestWhenAuthorizationServerMetadataRequestAndIssuerSetThenUsed() throws Exception {
this.spring.register(AuthorizationServerConfiguration.class).autowire(); this.spring.register(AuthorizationServerConfiguration.class).autowire();
this.mvc.perform(get(DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI)) this.mvc.perform(get(ISSUER_URL.concat(DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI)))
.andExpect(status().is2xxSuccessful()) .andExpect(status().is2xxSuccessful())
.andExpect(jsonPath("issuer").value(issuerUrl)) .andExpect(jsonPath("issuer").value(ISSUER_URL))
.andReturn(); .andReturn();
} }
@ -115,7 +115,7 @@ public class OAuth2AuthorizationServerMetadataTests {
public void requestWhenAuthorizationServerMetadataRequestAndIssuerNotSetThenResolveFromRequest() throws Exception { public void requestWhenAuthorizationServerMetadataRequestAndIssuerNotSetThenResolveFromRequest() throws Exception {
this.spring.register(AuthorizationServerConfigurationWithIssuerNotSet.class).autowire(); this.spring.register(AuthorizationServerConfigurationWithIssuerNotSet.class).autowire();
this.mvc.perform(get(DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI)) this.mvc.perform(get("http://localhost".concat(DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI)))
.andExpect(status().is2xxSuccessful()) .andExpect(status().is2xxSuccessful())
.andExpect(jsonPath("issuer").value("http://localhost")) .andExpect(jsonPath("issuer").value("http://localhost"))
.andReturn(); .andReturn();
@ -126,7 +126,7 @@ public class OAuth2AuthorizationServerMetadataTests {
public void requestWhenAuthorizationServerMetadataRequestAndMetadataCustomizerSetThenReturnCustomMetadataResponse() throws Exception { public void requestWhenAuthorizationServerMetadataRequestAndMetadataCustomizerSetThenReturnCustomMetadataResponse() throws Exception {
this.spring.register(AuthorizationServerConfigurationWithMetadataCustomizer.class).autowire(); this.spring.register(AuthorizationServerConfigurationWithMetadataCustomizer.class).autowire();
this.mvc.perform(get(DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI)) this.mvc.perform(get(ISSUER_URL.concat(DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI)))
.andExpect(status().is2xxSuccessful()) .andExpect(status().is2xxSuccessful())
.andExpect(jsonPath(OAuth2AuthorizationServerMetadataClaimNames.SCOPES_SUPPORTED, .andExpect(jsonPath(OAuth2AuthorizationServerMetadataClaimNames.SCOPES_SUPPORTED,
hasItems("scope1", "scope2"))); hasItems("scope1", "scope2")));
@ -156,7 +156,7 @@ public class OAuth2AuthorizationServerMetadataTests {
@Bean @Bean
AuthorizationServerSettings authorizationServerSettings() { AuthorizationServerSettings authorizationServerSettings() {
return AuthorizationServerSettings.builder().issuer(issuerUrl).build(); return AuthorizationServerSettings.builder().issuer(ISSUER_URL).build();
} }
} }
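Review bot: In `requestWhenAuthorizationServerMetadataRequestAndIssuerSetThenUsed` the request now goes to `ISSUER_URL.concat(DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI)`, so the request host and the configured issuer are the same. The assertion `jsonPath("issuer").value(ISSUER_URL)` therefore passes whether the value comes from `AuthorizationServerSettings` or is resolved from the request. This matters because a request-derived issuer follows the caller-supplied host, and this test is the one meant to show that the configured value wins. Consider a second request from a different host, `get("http://localhost".concat(DEFAULT_OAUTH2_AUTHORIZATION_SERVER_METADATA_ENDPOINT_URI))`, that still expects `ISSUER_URL`. If the endpoint is now meant to refuse a host that does not match the issuer, assert that refusal instead. The same ambiguity applies to the customizer test, which also switched to `ISSUER_URL.concat(...)`.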

68
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/http/converter/OAuth2AuthorizationServerMetadataHttpMessageConverterTests.java

@ -1,5 +1,5 @@
/* /*
* Copyright 2020-2022 the original author or authors. * Copyright 2020-2023 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -62,9 +62,9 @@ public class OAuth2AuthorizationServerMetadataHttpMessageConverterTests {
public void readInternalWhenRequiredParametersThenSuccess() throws Exception { public void readInternalWhenRequiredParametersThenSuccess() throws Exception {
// @formatter:off // @formatter:off
String authorizationServerMetadataResponse = "{\n" String authorizationServerMetadataResponse = "{\n"
+ " \"issuer\": \"https://example.com/issuer1\",\n" + " \"issuer\": \"https://example.com\",\n"
+ " \"authorization_endpoint\": \"https://example.com/issuer1/oauth2/authorize\",\n" + " \"authorization_endpoint\": \"https://example.com/oauth2/authorize\",\n"
+ " \"token_endpoint\": \"https://example.com/issuer1/oauth2/token\",\n" + " \"token_endpoint\": \"https://example.com/oauth2/token\",\n"
+ " \"response_types_supported\": [\"code\"]\n" + " \"response_types_supported\": [\"code\"]\n"
+ "}\n"; + "}\n";
// @formatter:on // @formatter:on
@ -72,9 +72,9 @@ public class OAuth2AuthorizationServerMetadataHttpMessageConverterTests {
OAuth2AuthorizationServerMetadata authorizationServerMetadata = this.messageConverter OAuth2AuthorizationServerMetadata authorizationServerMetadata = this.messageConverter
.readInternal(OAuth2AuthorizationServerMetadata.class, response); .readInternal(OAuth2AuthorizationServerMetadata.class, response);
assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(new URL("https://example.com/issuer1")); assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(new URL("https://example.com"));
assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/authorize")); assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(new URL("https://example.com/oauth2/authorize"));
assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/token")); assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(new URL("https://example.com/oauth2/token"));
assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).isNull(); assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).isNull();
assertThat(authorizationServerMetadata.getJwkSetUrl()).isNull(); assertThat(authorizationServerMetadata.getJwkSetUrl()).isNull();
assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code"); assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code");
@ -91,17 +91,17 @@ public class OAuth2AuthorizationServerMetadataHttpMessageConverterTests {
public void readInternalWhenValidParametersThenSuccess() throws Exception { public void readInternalWhenValidParametersThenSuccess() throws Exception {
// @formatter:off // @formatter:off
String authorizationServerMetadataResponse = "{\n" String authorizationServerMetadataResponse = "{\n"
+ " \"issuer\": \"https://example.com/issuer1\",\n" + " \"issuer\": \"https://example.com\",\n"
+ " \"authorization_endpoint\": \"https://example.com/issuer1/oauth2/authorize\",\n" + " \"authorization_endpoint\": \"https://example.com/oauth2/authorize\",\n"
+ " \"token_endpoint\": \"https://example.com/issuer1/oauth2/token\",\n" + " \"token_endpoint\": \"https://example.com/oauth2/token\",\n"
+ " \"token_endpoint_auth_methods_supported\": [\"client_secret_basic\"],\n" + " \"token_endpoint_auth_methods_supported\": [\"client_secret_basic\"],\n"
+ " \"jwks_uri\": \"https://example.com/issuer1/oauth2/jwks\",\n" + " \"jwks_uri\": \"https://example.com/oauth2/jwks\",\n"
+ " \"scopes_supported\": [\"openid\"],\n" + " \"scopes_supported\": [\"openid\"],\n"
+ " \"response_types_supported\": [\"code\"],\n" + " \"response_types_supported\": [\"code\"],\n"
+ " \"grant_types_supported\": [\"authorization_code\", \"client_credentials\"],\n" + " \"grant_types_supported\": [\"authorization_code\", \"client_credentials\"],\n"
+ " \"revocation_endpoint\": \"https://example.com/issuer1/oauth2/revoke\",\n" + " \"revocation_endpoint\": \"https://example.com/oauth2/revoke\",\n"
+ " \"revocation_endpoint_auth_methods_supported\": [\"client_secret_basic\"],\n" + " \"revocation_endpoint_auth_methods_supported\": [\"client_secret_basic\"],\n"
+ " \"introspection_endpoint\": \"https://example.com/issuer1/oauth2/introspect\",\n" + " \"introspection_endpoint\": \"https://example.com/oauth2/introspect\",\n"
+ " \"introspection_endpoint_auth_methods_supported\": [\"client_secret_basic\"],\n" + " \"introspection_endpoint_auth_methods_supported\": [\"client_secret_basic\"],\n"
+ " \"code_challenge_methods_supported\": [\"S256\"],\n" + " \"code_challenge_methods_supported\": [\"S256\"],\n"
+ " \"custom_claim\": \"value\",\n" + " \"custom_claim\": \"value\",\n"
@ -113,17 +113,17 @@ public class OAuth2AuthorizationServerMetadataHttpMessageConverterTests {
.readInternal(OAuth2AuthorizationServerMetadata.class, response); .readInternal(OAuth2AuthorizationServerMetadata.class, response);
assertThat(authorizationServerMetadata.getClaims()).hasSize(15); assertThat(authorizationServerMetadata.getClaims()).hasSize(15);
assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(new URL("https://example.com/issuer1")); assertThat(authorizationServerMetadata.getIssuer()).isEqualTo(new URL("https://example.com"));
assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/authorize")); assertThat(authorizationServerMetadata.getAuthorizationEndpoint()).isEqualTo(new URL("https://example.com/oauth2/authorize"));
assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/token")); assertThat(authorizationServerMetadata.getTokenEndpoint()).isEqualTo(new URL("https://example.com/oauth2/token"));
assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()); assertThat(authorizationServerMetadata.getTokenEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue());
assertThat(authorizationServerMetadata.getJwkSetUrl()).isEqualTo(new URL("https://example.com/issuer1/oauth2/jwks")); assertThat(authorizationServerMetadata.getJwkSetUrl()).isEqualTo(new URL("https://example.com/oauth2/jwks"));
assertThat(authorizationServerMetadata.getScopes()).containsExactly("openid"); assertThat(authorizationServerMetadata.getScopes()).containsExactly("openid");
assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code"); assertThat(authorizationServerMetadata.getResponseTypes()).containsExactly("code");
assertThat(authorizationServerMetadata.getGrantTypes()).containsExactlyInAnyOrder("authorization_code", "client_credentials"); assertThat(authorizationServerMetadata.getGrantTypes()).containsExactlyInAnyOrder("authorization_code", "client_credentials");
assertThat(authorizationServerMetadata.getTokenRevocationEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/revoke")); assertThat(authorizationServerMetadata.getTokenRevocationEndpoint()).isEqualTo(new URL("https://example.com/oauth2/revoke"));
assertThat(authorizationServerMetadata.getTokenRevocationEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()); assertThat(authorizationServerMetadata.getTokenRevocationEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue());
assertThat(authorizationServerMetadata.getTokenIntrospectionEndpoint()).isEqualTo(new URL("https://example.com/issuer1/oauth2/introspect")); assertThat(authorizationServerMetadata.getTokenIntrospectionEndpoint()).isEqualTo(new URL("https://example.com/oauth2/introspect"));
assertThat(authorizationServerMetadata.getTokenIntrospectionEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()); assertThat(authorizationServerMetadata.getTokenIntrospectionEndpointAuthenticationMethods()).containsExactly(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue());
assertThat(authorizationServerMetadata.getCodeChallengeMethods()).containsExactly("S256"); assertThat(authorizationServerMetadata.getCodeChallengeMethods()).containsExactly("S256");
assertThat(authorizationServerMetadata.getClaimAsString("custom_claim")).isEqualTo("value"); assertThat(authorizationServerMetadata.getClaimAsString("custom_claim")).isEqualTo("value");
@ -159,18 +159,18 @@ public class OAuth2AuthorizationServerMetadataHttpMessageConverterTests {
public void writeInternalWhenOAuth2AuthorizationServerMetadataThenSuccess() { public void writeInternalWhenOAuth2AuthorizationServerMetadataThenSuccess() {
OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata authorizationServerMetadata =
OAuth2AuthorizationServerMetadata.builder() OAuth2AuthorizationServerMetadata.builder()
.issuer("https://example.com/issuer1") .issuer("https://example.com")
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize") .authorizationEndpoint("https://example.com/oauth2/authorize")
.tokenEndpoint("https://example.com/issuer1/oauth2/token") .tokenEndpoint("https://example.com/oauth2/token")
.tokenEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()) .tokenEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue())
.jwkSetUrl("https://example.com/issuer1/oauth2/jwks") .jwkSetUrl("https://example.com/oauth2/jwks")
.scope("openid") .scope("openid")
.responseType("code") .responseType("code")
.grantType("authorization_code") .grantType("authorization_code")
.grantType("client_credentials") .grantType("client_credentials")
.tokenRevocationEndpoint("https://example.com/issuer1/oauth2/revoke") .tokenRevocationEndpoint("https://example.com/oauth2/revoke")
.tokenRevocationEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()) .tokenRevocationEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue())
.tokenIntrospectionEndpoint("https://example.com/issuer1/oauth2/introspect") .tokenIntrospectionEndpoint("https://example.com/oauth2/introspect")
.tokenIntrospectionEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()) .tokenIntrospectionEndpointAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue())
.codeChallengeMethod("S256") .codeChallengeMethod("S256")
.claim("custom_claim", "value") .claim("custom_claim", "value")
@ -181,17 +181,17 @@ public class OAuth2AuthorizationServerMetadataHttpMessageConverterTests {
this.messageConverter.writeInternal(authorizationServerMetadata, outputMessage); this.messageConverter.writeInternal(authorizationServerMetadata, outputMessage);
String authorizationServerMetadataResponse = outputMessage.getBodyAsString(); String authorizationServerMetadataResponse = outputMessage.getBodyAsString();
assertThat(authorizationServerMetadataResponse).contains("\"issuer\":\"https://example.com/issuer1\""); assertThat(authorizationServerMetadataResponse).contains("\"issuer\":\"https://example.com\"");
assertThat(authorizationServerMetadataResponse).contains("\"authorization_endpoint\":\"https://example.com/issuer1/oauth2/authorize\""); assertThat(authorizationServerMetadataResponse).contains("\"authorization_endpoint\":\"https://example.com/oauth2/authorize\"");
assertThat(authorizationServerMetadataResponse).contains("\"token_endpoint\":\"https://example.com/issuer1/oauth2/token\""); assertThat(authorizationServerMetadataResponse).contains("\"token_endpoint\":\"https://example.com/oauth2/token\"");
assertThat(authorizationServerMetadataResponse).contains("\"token_endpoint_auth_methods_supported\":[\"client_secret_basic\"]"); assertThat(authorizationServerMetadataResponse).contains("\"token_endpoint_auth_methods_supported\":[\"client_secret_basic\"]");
assertThat(authorizationServerMetadataResponse).contains("\"jwks_uri\":\"https://example.com/issuer1/oauth2/jwks\""); assertThat(authorizationServerMetadataResponse).contains("\"jwks_uri\":\"https://example.com/oauth2/jwks\"");
assertThat(authorizationServerMetadataResponse).contains("\"scopes_supported\":[\"openid\"]"); assertThat(authorizationServerMetadataResponse).contains("\"scopes_supported\":[\"openid\"]");
assertThat(authorizationServerMetadataResponse).contains("\"response_types_supported\":[\"code\"]"); assertThat(authorizationServerMetadataResponse).contains("\"response_types_supported\":[\"code\"]");
assertThat(authorizationServerMetadataResponse).contains("\"grant_types_supported\":[\"authorization_code\",\"client_credentials\"]"); assertThat(authorizationServerMetadataResponse).contains("\"grant_types_supported\":[\"authorization_code\",\"client_credentials\"]");
assertThat(authorizationServerMetadataResponse).contains("\"revocation_endpoint\":\"https://example.com/issuer1/oauth2/revoke\""); assertThat(authorizationServerMetadataResponse).contains("\"revocation_endpoint\":\"https://example.com/oauth2/revoke\"");
assertThat(authorizationServerMetadataResponse).contains("\"revocation_endpoint_auth_methods_supported\":[\"client_secret_basic\"]"); assertThat(authorizationServerMetadataResponse).contains("\"revocation_endpoint_auth_methods_supported\":[\"client_secret_basic\"]");
assertThat(authorizationServerMetadataResponse).contains("\"introspection_endpoint\":\"https://example.com/issuer1/oauth2/introspect\""); assertThat(authorizationServerMetadataResponse).contains("\"introspection_endpoint\":\"https://example.com/oauth2/introspect\"");
assertThat(authorizationServerMetadataResponse).contains("\"introspection_endpoint_auth_methods_supported\":[\"client_secret_basic\"]"); assertThat(authorizationServerMetadataResponse).contains("\"introspection_endpoint_auth_methods_supported\":[\"client_secret_basic\"]");
assertThat(authorizationServerMetadataResponse).contains("\"code_challenge_methods_supported\":[\"S256\"]"); assertThat(authorizationServerMetadataResponse).contains("\"code_challenge_methods_supported\":[\"S256\"]");
assertThat(authorizationServerMetadataResponse).contains("\"custom_claim\":\"value\""); assertThat(authorizationServerMetadataResponse).contains("\"custom_claim\":\"value\"");
@ -210,9 +210,9 @@ public class OAuth2AuthorizationServerMetadataHttpMessageConverterTests {
MockHttpOutputMessage outputMessage = new MockHttpOutputMessage(); MockHttpOutputMessage outputMessage = new MockHttpOutputMessage();
OAuth2AuthorizationServerMetadata authorizationServerMetadata = OAuth2AuthorizationServerMetadata authorizationServerMetadata =
OAuth2AuthorizationServerMetadata.builder() OAuth2AuthorizationServerMetadata.builder()
.issuer("https://example.com/issuer1") .issuer("https://example.com")
.authorizationEndpoint("https://example.com/issuer1/oauth2/authorize") .authorizationEndpoint("https://example.com/oauth2/authorize")
.tokenEndpoint("https://example.com/issuer1/oauth2/token") .tokenEndpoint("https://example.com/oauth2/token")
.responseType("code") .responseType("code")
.build(); .build();

16
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationServerMetadataEndpointFilterTests.java

@ -1,5 +1,5 @@
/* /*
* Copyright 2020-2022 the original author or authors. * Copyright 2020-2023 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -87,7 +87,7 @@ public class OAuth2AuthorizationServerMetadataEndpointFilterTests {
@Test @Test
public void doFilterWhenAuthorizationServerMetadataRequestThenMetadataResponse() throws Exception { public void doFilterWhenAuthorizationServerMetadataRequestThenMetadataResponse() throws Exception {
String issuer = "https://example.com/issuer1"; String issuer = "https://example.com";
String authorizationEndpoint = "/oauth2/v1/authorize"; String authorizationEndpoint = "/oauth2/v1/authorize";
String tokenEndpoint = "/oauth2/v1/token"; String tokenEndpoint = "/oauth2/v1/token";
String jwkSetEndpoint = "/oauth2/v1/jwks"; String jwkSetEndpoint = "/oauth2/v1/jwks";
@ -116,16 +116,16 @@ public class OAuth2AuthorizationServerMetadataEndpointFilterTests {
assertThat(response.getContentType()).isEqualTo(MediaType.APPLICATION_JSON_VALUE); assertThat(response.getContentType()).isEqualTo(MediaType.APPLICATION_JSON_VALUE);
String authorizationServerMetadataResponse = response.getContentAsString(); String authorizationServerMetadataResponse = response.getContentAsString();
assertThat(authorizationServerMetadataResponse).contains("\"issuer\":\"https://example.com/issuer1\""); assertThat(authorizationServerMetadataResponse).contains("\"issuer\":\"https://example.com\"");
assertThat(authorizationServerMetadataResponse).contains("\"authorization_endpoint\":\"https://example.com/issuer1/oauth2/v1/authorize\""); assertThat(authorizationServerMetadataResponse).contains("\"authorization_endpoint\":\"https://example.com/oauth2/v1/authorize\"");
assertThat(authorizationServerMetadataResponse).contains("\"token_endpoint\":\"https://example.com/issuer1/oauth2/v1/token\""); assertThat(authorizationServerMetadataResponse).contains("\"token_endpoint\":\"https://example.com/oauth2/v1/token\"");
assertThat(authorizationServerMetadataResponse).contains("\"token_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]"); assertThat(authorizationServerMetadataResponse).contains("\"token_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
assertThat(authorizationServerMetadataResponse).contains("\"jwks_uri\":\"https://example.com/issuer1/oauth2/v1/jwks\""); assertThat(authorizationServerMetadataResponse).contains("\"jwks_uri\":\"https://example.com/oauth2/v1/jwks\"");
assertThat(authorizationServerMetadataResponse).contains("\"response_types_supported\":[\"code\"]"); assertThat(authorizationServerMetadataResponse).contains("\"response_types_supported\":[\"code\"]");
assertThat(authorizationServerMetadataResponse).contains("\"grant_types_supported\":[\"authorization_code\",\"client_credentials\",\"refresh_token\"]"); assertThat(authorizationServerMetadataResponse).contains("\"grant_types_supported\":[\"authorization_code\",\"client_credentials\",\"refresh_token\"]");
assertThat(authorizationServerMetadataResponse).contains("\"revocation_endpoint\":\"https://example.com/issuer1/oauth2/v1/revoke\""); assertThat(authorizationServerMetadataResponse).contains("\"revocation_endpoint\":\"https://example.com/oauth2/v1/revoke\"");
assertThat(authorizationServerMetadataResponse).contains("\"revocation_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]"); assertThat(authorizationServerMetadataResponse).contains("\"revocation_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
assertThat(authorizationServerMetadataResponse).contains("\"introspection_endpoint\":\"https://example.com/issuer1/oauth2/v1/introspect\""); assertThat(authorizationServerMetadataResponse).contains("\"introspection_endpoint\":\"https://example.com/oauth2/v1/introspect\"");
assertThat(authorizationServerMetadataResponse).contains("\"introspection_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]"); assertThat(authorizationServerMetadataResponse).contains("\"introspection_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
assertThat(authorizationServerMetadataResponse).contains("\"code_challenge_methods_supported\":[\"S256\"]"); assertThat(authorizationServerMetadataResponse).contains("\"code_challenge_methods_supported\":[\"S256\"]");
} }
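Review bot: In `doFilterWhenAuthorizationServerMetadataRequestThenMetadataResponse`, the fixture `String issuer = "https://example.com";` leaves the `authorization_endpoint`, `token_endpoint`, `jwks_uri`, `revocation_endpoint` and `introspection_endpoint` assertions checking only a host-only issuer. Nothing in this section still verifies how the filter joins endpoint paths to an issuer that has a path component; this assumes the second value printed on each line is the new side. Clients validating metadata depend on the published `issuer` and endpoint URLs matching what they expect, so the reason for the narrower fixture is worth recording beside it, e.g. `// issuer deliberately has no path component (gh-1420)` if that issue is indeed the motivation. If issuers with a path are meant to be rejected rather than supported, a separate test asserting that rejection would make the intent explicit. The method body continues between the two hunks, outside what is shown here.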
