diff --git a/spring-addons-oauth2-test/src/main/java/com/c4_soft/springaddons/security/oauth2/test/annotations/WithJwt.java b/spring-addons-oauth2-test/src/main/java/com/c4_soft/springaddons/security/oauth2/test/annotations/WithJwt.java index 0f3f0c132..bcf00aebf 100644 --- a/spring-addons-oauth2-test/src/main/java/com/c4_soft/springaddons/security/oauth2/test/annotations/WithJwt.java +++ b/spring-addons-oauth2-test/src/main/java/com/c4_soft/springaddons/security/oauth2/test/annotations/WithJwt.java @@ -35,6 +35,7 @@ import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.oauth2.jwt.Jwt; +import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter; import org.springframework.security.test.context.support.WithSecurityContext; import org.springframework.security.test.context.support.WithSecurityContextFactory; import org.springframework.util.StringUtils; @@ -109,6 +110,8 @@ public static final class AuthenticationFactory implements WithSecurityContextFa private final Optional>> reactiveJwtAuthenticationConverter; + private final Converter defaultAuthenticationConverter = new JwtAuthenticationConverter(); + @Override public SecurityContext createSecurityContext(WithJwt annotation) { final var auth = authentication(annotation); @@ -160,9 +163,7 @@ public AbstractAuthenticationToken authentication(Map claims, Ma }).orElseGet(() -> reactiveJwtAuthenticationConverter.map(c -> { final AbstractAuthenticationToken auth = c.convert(jwt).block(); return auth; - }).orElseThrow(() -> { - return new RuntimeException("Missing jwtAuthenticationConverter bean"); - })); + }).orElse(defaultAuthenticationConverter.convert(jwt))); } /** 
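Review bot: In the last hunk, `.orElse(defaultAuthenticationConverter.convert(jwt))` runs the default conversion even when a reactive converter bean is present, because `Optional.orElse` takes a value rather than a supplier; `.orElseGet(() -> defaultAuthenticationConverter.convert(jwt))` keeps it lazy like the branch above it. Replacing the `RuntimeException` with a silent fallback also changes what a misconfigured test context does. If the application's converter bean is not loaded, authorities now come from Spring's stock `JwtAuthenticationConverter` (scope claims mapped to `SCOPE_`-prefixed authorities) rather than the application's mapping, so access-control tests can pass or fail for reasons unrelated to the production configuration. A warning log when the fallback is taken, plus a Javadoc sentence on `WithJwt` describing it, would make that visible; the same applies to the fallback added in the last hunk of `WithOpaqueToken.java`. The enclosing `authentication(...)` method starts outside the hunk.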
diff --git a/spring-addons-oauth2-test/src/main/java/com/c4_soft/springaddons/security/oauth2/test/annotations/WithOpaqueToken.java b/spring-addons-oauth2-test/src/main/java/com/c4_soft/springaddons/security/oauth2/test/annotations/WithOpaqueToken.java
index cdf2c1046..eed33cb29 100644
--- a/spring-addons-oauth2-test/src/main/java/com/c4_soft/springaddons/security/oauth2/test/annotations/WithOpaqueToken.java
+++ b/spring-addons-oauth2-test/src/main/java/com/c4_soft/springaddons/security/oauth2/test/annotations/WithOpaqueToken.java
@@ -20,6 +20,7 @@
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
+import java.time.Instant;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.Map;
@@ -33,7 +34,10 @@
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
+import org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames;
+import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
 import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenAuthenticationConverter;
 import org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenAuthenticationConverter;
 import org.springframework.security.test.context.support.WithSecurityContext;
@@ -74,9 +78,9 @@ * return authFactory.authenticationsFrom("ch4mp.json", "tonton-pirate.json"); * } * - * - * If using spring-addons-oauth2-test without spring-addons-starter-oidc-test, you should explicitly import - * @Import(AuthenticationFactoriesTestConf.class) (otherwise, the @Addons...Test will pull this configuration for you) + * + * If using spring-addons-oauth2-test without spring-addons-starter-oidc-test, you should explicitly import @Import(AuthenticationFactoriesTestConf.class) + * (otherwise, the @Addons...Test will pull this configuration for you) * * @author Jérôme Wacongne <ch4mp@c4-soft.com> */ @@ -164,8 +168,13 @@ public Map getAttributes() { }).orElseGet(() -> reactiveOpaqueTokenAuthenticationConverter.map(c -> { final var auth = c.convert(bearerString, principal).block(); return auth; - }).orElseThrow(() -> { - return new RuntimeException("Missing opaque token authentication converter bean"); + }).orElseGet(() -> { + Instant iat = + Optional.ofNullable(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.IAT)).map(Instant.class::cast).orElse(Instant.now()); + Instant exp = Optional.ofNullable(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.EXP)).map(Instant.class::cast) + .orElse(Instant.ofEpochSecond(Instant.now().getEpochSecond() + 300)); + OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, bearerString, iat, exp); + return new BearerTokenAuthentication(principal, accessToken, principal.getAuthorities()); })); }
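Review bot: In the last hunk, `.map(Instant.class::cast)` throws `ClassCastException` when an `iat` or `exp` attribute is present but is not already an `Instant`, which looks possible if the claims reach `principal` from a JSON fixture as epoch numbers; this should be confirmed against how `principal` is built above the hunk. The two defaults are also computed independently, so a fixture carrying only an `exp` in the past (an expired-token test) or only an `iat` in the future yields an `expiresAt` that is not after `issuedAt`, which the `OAuth2AccessToken` constructor rejects. The sketch below accepts numeric claims, derives a missing bound from the one that is present, and names the 300-second default. The helper and the constant are new, and the enclosing method starts outside the hunk.

```java
private static final long DEFAULT_TOKEN_LIFETIME_SECONDS = 300;

// Accepts an Instant or a numeric epoch-seconds claim; returns null when the claim is absent or of another type.
private static Instant toInstant(Object claim) {
    if (claim instanceof Instant) {
        return (Instant) claim;
    }
    if (claim instanceof Number) {
        return Instant.ofEpochSecond(((Number) claim).longValue());
    }
    return null;
}

// … unchanged: servlet and reactive converter branches …
}).orElseGet(() -> {
    final Instant claimedIat = toInstant(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.IAT));
    final Instant claimedExp = toInstant(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.EXP));
    // Derive a missing bound from the other one so that expiresAt is always after issuedAt.
    final Instant iat = claimedIat != null ? claimedIat
            : claimedExp != null ? claimedExp.minusSeconds(DEFAULT_TOKEN_LIFETIME_SECONDS) : Instant.now();
    final Instant exp = claimedExp != null ? claimedExp : iat.plusSeconds(DEFAULT_TOKEN_LIFETIME_SECONDS);
    // … unchanged: OAuth2AccessToken and BearerTokenAuthentication construction …
```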