Skip to content

Commit fbf49f9

Browse files
mpalourdiompalourdio
committed
fix: Allow OidcAuthorizedClientRefreshedEventListener refreshing if authentication subclasses OAuth2AuthenticationToken - 2
1 parent 92533fb commit fbf49f9

File tree

1 file changed

+12
-6
lines changed

1 file changed

+12
-6
lines changed

config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcUserRefreshedEventListenerConfigurationTests.java

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -237,11 +237,14 @@ public void authorizeWhenAuthenticationIsCustomThenOidcUserNotRefreshed() {
237237

238238
OAuth2AuthorizedClient authorizedClient = createAuthorizedClient();
239239
OAuth2AccessTokenResponse accessTokenResponse = createAccessTokenResponse(OidcScopes.OPENID);
240+
Jwt jwt = createJwt().build();
240241
given(this.authorizedClientRepository.loadAuthorizedClient(anyString(), any(Authentication.class),
241242
any(HttpServletRequest.class)))
242-
.willReturn(authorizedClient);
243+
.willReturn(authorizedClient);
243244
given(this.refreshTokenAccessTokenResponseClient.getTokenResponse(any(OAuth2RefreshTokenGrantRequest.class)))
244-
.willReturn(accessTokenResponse);
245+
.willReturn(accessTokenResponse);
246+
given(this.jwtDecoder.decode(anyString())).willReturn(jwt);
247+
given(this.oidcUserService.loadUser(any(OidcUserRequest.class))).willReturn(createOidcUser());
245248

246249
OidcUser oidcUser = createOidcUser();
247250
OAuth2AuthenticationToken authentication = new CustomOAuth2AuthenticationToken(oidcUser,
@@ -250,12 +253,15 @@ public void authorizeWhenAuthenticationIsCustomThenOidcUserNotRefreshed() {
250253
SecurityContextHolder.setContext(securityContext);
251254

252255
OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest
253-
.withClientRegistrationId(GOOGLE_CLIENT_REGISTRATION.getRegistrationId())
254-
.principal(authentication)
255-
.build();
256+
.withClientRegistrationId(GOOGLE_CLIENT_REGISTRATION.getRegistrationId())
257+
.principal(authentication)
258+
.build();
256259
OAuth2AuthorizedClient refreshedAuthorizedClient = this.authorizedClientManager.authorize(authorizeRequest);
257260
assertThat(refreshedAuthorizedClient).isNotNull();
258-
verifyNoInteractions(this.securityContextRepository, this.jwtDecoder, this.oidcUserService);
261+
assertThat(refreshedAuthorizedClient).isNotSameAs(authorizedClient);
262+
assertThat(refreshedAuthorizedClient.getClientRegistration()).isEqualTo(GOOGLE_CLIENT_REGISTRATION);
263+
assertThat(refreshedAuthorizedClient.getAccessToken()).isEqualTo(accessTokenResponse.getAccessToken());
264+
assertThat(refreshedAuthorizedClient.getRefreshToken()).isEqualTo(accessTokenResponse.getRefreshToken());
259265
}
260266

261267
@Test

0 commit comments

Comments
 (0)