List of usage examples for org.springframework.boot.actuate.autoconfigure.cloudfoundry Token Token
public Token(String encoded)
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundrySecurityInterceptor.java
private Token getToken(HttpServletRequest request) { String authorization = request.getHeader("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase().startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException( CloudFoundryAuthorizationException.Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }/* w ww.j a v a2s .c o m*/ return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundrySecurityInterceptor.java
private Token getToken(ServerHttpRequest request) { String authorization = request.getHeaders().getFirst("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase(Locale.ENGLISH).startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException(Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }// w w w. ja v a2 s . c om return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveCloudFoundrySecurityInterceptor.java
private Token getToken(ServerHttpRequest request) { String authorization = request.getHeaders().getFirst("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase().startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException(Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }/*from www .jav a 2s .c o m*/ return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveTokenValidatorTests.java
@Test public void validateTokenWhenKidValidationFailsTwiceShouldThrowException() throws Exception { PublisherProbe<Map<String, String>> fetchTokenKeys = PublisherProbe.of(Mono.just(VALID_KEYS)); ReflectionTestUtils.setField(this.tokenValidator, "cachedTokenKeys", VALID_KEYS); given(this.securityService.fetchTokenKeys()).willReturn(fetchTokenKeys.mono()); given(this.securityService.getUaaUrl()).willReturn(Mono.just("http://localhost:8080/uaa")); String header = "{\"alg\": \"RS256\", \"kid\": \"invalid-key\",\"typ\": \"JWT\"}"; String claims = "{\"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}"; StepVerifier//www. j a v a2s .c o m .create(this.tokenValidator .validate(new Token(getSignedToken(header.getBytes(), claims.getBytes())))) .consumeErrorWith((ex) -> { assertThat(ex).isExactlyInstanceOf(CloudFoundryAuthorizationException.class); assertThat(((CloudFoundryAuthorizationException) ex).getReason()) .isEqualTo(Reason.INVALID_KEY_ID); }).verify(); Object cachedTokenKeys = ReflectionTestUtils.getField(this.tokenValidator, "cachedTokenKeys"); assertThat(cachedTokenKeys).isEqualTo(VALID_KEYS); fetchTokenKeys.assertWasSubscribed(); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveTokenValidatorTests.java
@Test public void validateTokenWhenKidValidationSucceedsInTheSecondAttempt() throws Exception { PublisherProbe<Map<String, String>> fetchTokenKeys = PublisherProbe.of(Mono.just(VALID_KEYS)); ReflectionTestUtils.setField(this.tokenValidator, "cachedTokenKeys", INVALID_KEYS); given(this.securityService.fetchTokenKeys()).willReturn(fetchTokenKeys.mono()); given(this.securityService.getUaaUrl()).willReturn(Mono.just("http://localhost:8080/uaa")); String header = "{\"alg\": \"RS256\", \"kid\": \"valid-key\",\"typ\": \"JWT\"}"; String claims = "{\"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}"; StepVerifier//from www.j a v a 2 s . c o m .create(this.tokenValidator .validate(new Token(getSignedToken(header.getBytes(), claims.getBytes())))) .verifyComplete(); Object cachedTokenKeys = ReflectionTestUtils.getField(this.tokenValidator, "cachedTokenKeys"); assertThat(cachedTokenKeys).isEqualTo(VALID_KEYS); fetchTokenKeys.assertWasSubscribed(); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveTokenValidatorTests.java
@Test public void validateTokenWhenCacheIsEmptyShouldFetchTokenKeys() throws Exception { PublisherProbe<Map<String, String>> fetchTokenKeys = PublisherProbe.of(Mono.just(VALID_KEYS)); given(this.securityService.fetchTokenKeys()).willReturn(fetchTokenKeys.mono()); given(this.securityService.getUaaUrl()).willReturn(Mono.just("http://localhost:8080/uaa")); String header = "{\"alg\": \"RS256\", \"kid\": \"valid-key\",\"typ\": \"JWT\"}"; String claims = "{\"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}"; StepVerifier// w ww . j a v a2s. c o m .create(this.tokenValidator .validate(new Token(getSignedToken(header.getBytes(), claims.getBytes())))) .verifyComplete(); Object cachedTokenKeys = ReflectionTestUtils.getField(this.tokenValidator, "cachedTokenKeys"); assertThat(cachedTokenKeys).isEqualTo(VALID_KEYS); fetchTokenKeys.assertWasSubscribed(); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveTokenValidatorTests.java
@Test public void validateTokenWhenCacheEmptyAndInvalidKeyShouldThrowException() throws Exception { PublisherProbe<Map<String, String>> fetchTokenKeys = PublisherProbe.of(Mono.just(VALID_KEYS)); given(this.securityService.fetchTokenKeys()).willReturn(fetchTokenKeys.mono()); given(this.securityService.getUaaUrl()).willReturn(Mono.just("http://localhost:8080/uaa")); String header = "{\"alg\": \"RS256\", \"kid\": \"invalid-key\",\"typ\": \"JWT\"}"; String claims = "{\"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}"; StepVerifier/*w ww .j av a 2 s. co m*/ .create(this.tokenValidator .validate(new Token(getSignedToken(header.getBytes(), claims.getBytes())))) .consumeErrorWith((ex) -> { assertThat(ex).isExactlyInstanceOf(CloudFoundryAuthorizationException.class); assertThat(((CloudFoundryAuthorizationException) ex).getReason()) .isEqualTo(Reason.INVALID_KEY_ID); }).verify(); Object cachedTokenKeys = ReflectionTestUtils.getField(this.tokenValidator, "cachedTokenKeys"); assertThat(cachedTokenKeys).isEqualTo(VALID_KEYS); fetchTokenKeys.assertWasSubscribed(); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveTokenValidatorTests.java
@Test public void validateTokenWhenCacheValidShouldNotFetchTokenKeys() throws Exception { PublisherProbe<Map<String, String>> fetchTokenKeys = PublisherProbe.empty(); ReflectionTestUtils.setField(this.tokenValidator, "cachedTokenKeys", VALID_KEYS); given(this.securityService.fetchTokenKeys()).willReturn(fetchTokenKeys.mono()); given(this.securityService.getUaaUrl()).willReturn(Mono.just("http://localhost:8080/uaa")); String header = "{\"alg\": \"RS256\", \"kid\": \"valid-key\",\"typ\": \"JWT\"}"; String claims = "{\"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}"; StepVerifier/*from w ww . j a v a2 s . com*/ .create(this.tokenValidator .validate(new Token(getSignedToken(header.getBytes(), claims.getBytes())))) .verifyComplete(); fetchTokenKeys.assertWasNotSubscribed(); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveTokenValidatorTests.java
@Test public void validateTokenWhenSignatureInvalidShouldThrowException() throws Exception { Map<String, String> KEYS = Collections.singletonMap("valid-key", INVALID_KEY); given(this.securityService.fetchTokenKeys()).willReturn(Mono.just(KEYS)); given(this.securityService.getUaaUrl()).willReturn(Mono.just("http://localhost:8080/uaa")); String header = "{ \"alg\": \"RS256\", \"kid\": \"valid-key\",\"typ\": \"JWT\"}"; String claims = "{ \"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}"; StepVerifier/*from w ww .jav a2s . c o m*/ .create(this.tokenValidator .validate(new Token(getSignedToken(header.getBytes(), claims.getBytes())))) .consumeErrorWith((ex) -> { assertThat(ex).isExactlyInstanceOf(CloudFoundryAuthorizationException.class); assertThat(((CloudFoundryAuthorizationException) ex).getReason()) .isEqualTo(Reason.INVALID_SIGNATURE); }).verify(); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveTokenValidatorTests.java
@Test public void validateTokenWhenTokenAlgorithmIsNotRS256ShouldThrowException() throws Exception { given(this.securityService.fetchTokenKeys()).willReturn(Mono.just(VALID_KEYS)); given(this.securityService.getUaaUrl()).willReturn(Mono.just("http://localhost:8080/uaa")); String header = "{ \"alg\": \"HS256\", \"kid\": \"valid-key\", \"typ\": \"JWT\"}"; String claims = "{ \"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}"; StepVerifier/*from ww w .j a va2 s. com*/ .create(this.tokenValidator .validate(new Token(getSignedToken(header.getBytes(), claims.getBytes())))) .consumeErrorWith((ex) -> { assertThat(ex).isExactlyInstanceOf(CloudFoundryAuthorizationException.class); assertThat(((CloudFoundryAuthorizationException) ex).getReason()) .isEqualTo(Reason.UNSUPPORTED_TOKEN_SIGNING_ALGORITHM); }).verify(); }