Add oidcLogin MockMvc Test Support

Fixes gh-7618

Author: jzheaux

samples/boot/oauth2login/src/integration-test/java/sample/OAuth2LoginApplicationTests.java

@@ -18,6 +18,7 @@
 import java.net.URI;
 import java.net.URL;
 import java.net.URLDecoder;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
@@ -40,6 +41,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -51,7 +53,9 @@
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
+import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
+import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
@@ -61,13 +65,18 @@
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
+import static org.springframework.security.oauth2.core.oidc.IdTokenClaimNames.SUB;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oidcLogin;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
 
 /**
  * Integration tests for the OAuth 2.0 client filters {@link OAuth2AuthorizationRequestRedirectFilter}
@@ -87,6 +96,9 @@ public class OAuth2LoginApplicationTests {
 	@Autowired
 	private WebClient webClient;
 
+	@Autowired
+	private MockMvc mvc;
+
 	@Autowired
 	private ClientRegistrationRepository clientRegistrationRepository;
 
@@ -284,6 +296,15 @@ public void requestAuthorizationCodeGrantWhenInvalidRedirectUriThenDisplayLoginP
 		assertThat(errorElement.asText()).contains("invalid_redirect_uri_parameter");
 	}
 
+	@Test
+	public void requestWhenMockOidcLoginThenIndex() throws Exception {
+		ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId("github");
+		this.mvc.perform(get("/").with(oidcLogin().clientRegistration(clientRegistration)))
+				.andExpect(model().attribute("userName", "test-subject"))
+				.andExpect(model().attribute("clientName", "GitHub"))
+				.andExpect(model().attribute("userAttributes", Collections.singletonMap(SUB, "test-subject")));
+	}
+
 	private void assertLoginPage(HtmlPage page) {
 		assertThat(page.getTitleText()).isEqualTo("Please sign in");
 
@@ -397,5 +418,10 @@ private OAuth2UserService<OAuth2UserRequest, OAuth2User> mockUserService() {
 			when(userService.loadUser(any())).thenReturn(user);
 			return userService;
 		}
+
+		@Bean
+		OAuth2AuthorizedClientRepository authorizedClientRepository() {
+			return new HttpSessionOAuth2AuthorizedClientRepository();
+		}
 	}
 }

samples/boot/oauth2login/src/test/java/sample/web/OAuth2LoginControllerTests.java

@@ -0,0 +1,94 @@
+/*
+ * Copyright 2002-2019 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample.web;
+
+import java.util.Collections;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
+import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
+import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+
+import static org.springframework.security.oauth2.core.oidc.IdTokenClaimNames.SUB;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oidcLogin;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
+
+/**
+ * Tests for {@link OAuth2LoginController}
+ *
+ * @author Josh Cummings
+ */
+@RunWith(SpringRunner.class)
+@WebMvcTest
+@Import({OAuth2LoginController.class, OAuth2LoginControllerTests.OAuth2ClientConfig.class})
+public class OAuth2LoginControllerTests {
+
+	static ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("test")
+			.authorizationGrantType(AuthorizationGrantType.PASSWORD)
+			.clientId("my-client-id")
+			.clientName("my-client-name")
+			.tokenUri("https://token-uri.example.org")
+			.build();
+
+	@Autowired
+	MockMvc mvc;
+
+	@Test
+	public void rootWhenAuthenticatedReturnsUserAndClient() throws Exception {
+		this.mvc.perform(get("/").with(oidcLogin()))
+			.andExpect(model().attribute("userName", "test-subject"))
+			.andExpect(model().attribute("clientName", "test"))
+			.andExpect(model().attribute("userAttributes", Collections.singletonMap(SUB, "test-subject")));
+	}
+
+	@Test
+	public void rootWhenOverridingClientRegistrationReturnsAccordingly() throws Exception {
+		this.mvc.perform(get("/").with(oidcLogin()
+				.clientRegistration(clientRegistration)
+				.idToken(i -> i.subject("spring-security"))))
+				.andExpect(model().attribute("userName", "spring-security"))
+				.andExpect(model().attribute("clientName", "my-client-name"))
+				.andExpect(model().attribute("userAttributes", Collections.singletonMap(SUB, "spring-security")));
+	}
+
+	@Configuration
+	static class OAuth2ClientConfig {
+
+		@Bean
+		ClientRegistrationRepository clientRegistrationRepository() {
+			return new InMemoryClientRegistrationRepository(clientRegistration);
+		}
+
+		@Bean
+		OAuth2AuthorizedClientRepository authorizedClientRepository() {
+			return new HttpSessionOAuth2AuthorizedClientRepository();
+		}
+	}
+}

test/spring-security-test.gradle

@@ -7,6 +7,7 @@ dependencies {
 	compile 'org.springframework:spring-test'
 
 	optional project(':spring-security-config')
+	optional project(':spring-security-oauth2-client')
 	optional project(':spring-security-oauth2-jose')
 	optional project(':spring-security-oauth2-resource-server')
 	optional 'io.projectreactor:reactor-core'