Additional HttpSessionOAuth2AuthorizationRequestRepository tests

Issue gh-5145
5 years ago · c9a8419e22
1 changed files with 45 additions and 0 deletions
--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizationRequestRepositoryAllowMultipleAuthorizationRequestsTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizationRequestRepositoryAllowMultipleAuthorizationRequestsTests.java
@ -73,4 +73,49 @@ public class HttpSessionOAuth2AuthorizationRequestRepositoryAllowMultipleAuthori
				@@ -73,4 +73,49 @@ public class HttpSessionOAuth2AuthorizationRequestRepositoryAllowMultipleAuthori
 		assertThat(loadedAuthorizationRequest3).isEqualTo(authorizationRequest3);
 	}

+	@Test
+	public void loadAuthorizationRequestWhenSavedWithAllowMultipleAuthorizationRequests() {
+		// save 2 requests with legacy (allowMultipleAuthorizationRequests=true) and load
+		// with new
+		HttpSessionOAuth2AuthorizationRequestRepository legacy = new HttpSessionOAuth2AuthorizationRequestRepository();
+		legacy.setAllowMultipleAuthorizationRequests(true);
+		MockHttpServletRequest request = new MockHttpServletRequest();
+		MockHttpServletResponse response = new MockHttpServletResponse();
+		String state1 = "state-1122";
+		OAuth2AuthorizationRequest authorizationRequest1 = createAuthorizationRequest().state(state1).build();
+		legacy.saveAuthorizationRequest(authorizationRequest1, request, response);
+		String state2 = "state-3344";
+		OAuth2AuthorizationRequest authorizationRequest2 = createAuthorizationRequest().state(state2).build();
+		legacy.saveAuthorizationRequest(authorizationRequest2, request, response);
+
+		request.setParameter(OAuth2ParameterNames.STATE, state1);
+		OAuth2AuthorizationRequest loaded = this.authorizationRequestRepository.loadAuthorizationRequest(request);
+
+		assertThat(loaded).isEqualTo(authorizationRequest1);
+	}
+
+	@Test
+	public void saveAuthorizationRequestWhenSavedWithAllowMultipleAuthorizationRequests() {
+		// save 2 requests with legacy (allowMultipleAuthorizationRequests=true), save
+		// with new, and load with new
+		HttpSessionOAuth2AuthorizationRequestRepository legacy = new HttpSessionOAuth2AuthorizationRequestRepository();
+		legacy.setAllowMultipleAuthorizationRequests(true);
+		MockHttpServletRequest request = new MockHttpServletRequest();
+		MockHttpServletResponse response = new MockHttpServletResponse();
+		String state1 = "state-1122";
+		OAuth2AuthorizationRequest authorizationRequest1 = createAuthorizationRequest().state(state1).build();
+		legacy.saveAuthorizationRequest(authorizationRequest1, request, response);
+		String state2 = "state-3344";
+		OAuth2AuthorizationRequest authorizationRequest2 = createAuthorizationRequest().state(state2).build();
+		legacy.saveAuthorizationRequest(authorizationRequest2, request, response);
+		String state3 = "state-5566";
+		OAuth2AuthorizationRequest authorizationRequest3 = createAuthorizationRequest().state(state3).build();
+
+		this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest3, request, response);
+		request.setParameter(OAuth2ParameterNames.STATE, state3);
+		OAuth2AuthorizationRequest loaded = this.authorizationRequestRepository.loadAuthorizationRequest(request);
+
+		assertThat(loaded).isEqualTo(authorizationRequest3);
+	}
+
 }