diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProviderTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProviderTests.java
index 6412bbe66..403fe5048 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProviderTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProviderTests.java
@@ -491,12 +491,12 @@ public void authenticateWhenCustomAuthorizationConsentRequiredThenUsed() {
 this.authenticationProvider.setAuthorizationConsentRequired(authorizationConsentRequired);
 RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 String redirectUri = registeredClient.getRedirectUris().toArray(new String[0])[1];
 OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
- AUTHORIZATION_URI, registeredClient.getClientId(), principal, redirectUri, STATE,
+ AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
 registeredClient.getScopes(), null);
 OAuth2AuthorizationCodeRequestAuthenticationToken authenticationResult = (OAuth2AuthorizationCodeRequestAuthenticationToken) this.authenticationProvider
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java
index d602dee73..b0c2a5758 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java
@@ -334,7 +334,7 @@ public void authenticateWhenCustomAuthenticationValidatorThenUsed() {
 Consumer authenticationValidator = mock(Consumer.class);
 this.authenticationProvider.setAuthenticationValidator(authenticationValidator);
- when(this.jwtEncoder.encode(any())).thenReturn(createJwt(registeredClient.getScopes()));
+ given(this.jwtEncoder.encode(any())).willReturn(createJwt(registeredClient.getScopes()));
 this.authenticationProvider.authenticate(authentication);
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProviderTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProviderTests.java
index b74dd2f57..6e1f6ce5f 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProviderTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProviderTests.java
@@ -58,11 +58,11 @@
 import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.verifyNoInteractions;
 import static org.mockito.Mockito.verifyNoMoreInteractions;
-import static org.mockito.Mockito.when;
 /**
 * Tests for {@link OAuth2TokenExchangeAuthenticationProvider}.
@@ -180,7 +180,7 @@ public void authenticateWhenSubjectTokenNotFoundThenThrowOAuth2AuthenticationExc
 .authorizationGrantType(AuthorizationGrantType.TOKEN_EXCHANGE)
 .build();
 OAuth2TokenExchangeAuthenticationToken authentication = createDelegationRequest(registeredClient);
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).thenReturn(null);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(null);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -203,7 +203,7 @@ public void authenticateWhenSubjectTokenNotActiveThenThrowOAuth2AuthenticationEx
 OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createExpiredAccessToken(SUBJECT_TOKEN))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).thenReturn(authorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -226,7 +226,7 @@ public void authenticateWhenSubjectTokenTypeJwtAndSubjectTokenFormatReferenceThe
 OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createAccessToken(SUBJECT_TOKEN), withTokenFormat(OAuth2TokenFormat.REFERENCE))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).thenReturn(authorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -252,7 +252,7 @@ public void authenticateWhenSubjectPrincipalNullThenThrowOAuth2AuthenticationExc
 .attributes((attributes) -> attributes.remove(Principal.class.getName()))
 .build();
 // @formatter:on
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).thenReturn(authorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -275,8 +275,8 @@ public void authenticateWhenActorTokenNotFoundThenThrowOAuth2AuthenticationExcep
 OAuth2Authorization subjectAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createAccessToken(SUBJECT_TOKEN))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization, (OAuth2Authorization) null);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization, (OAuth2Authorization) null);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
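Review bot: The stub in the hunk at line 275 (`authenticateWhenActorTokenNotFound…`) matches `findByToken(anyString(), any(OAuth2TokenType.class))` and tells the subject lookup from the actor lookup only by call order, through `.willReturn(subjectAuthorization, (OAuth2Authorization) null)`. The stub hands back the same sequence whichever token value the provider passes, so these tests would not notice a provider that looked up the wrong token or resolved the two in the opposite order, which is the binding a delegation check relies on. If `SUBJECT_TOKEN` and `ACTOR_TOKEN` are the token values carried by the request (they appear to be, from `createAccessToken(SUBJECT_TOKEN)`), one stub per value would pin this down: `given(this.authorizationService.findByToken(eq(SUBJECT_TOKEN), any(OAuth2TokenType.class))).willReturn(subjectAuthorization);` and the same with `eq(ACTOR_TOKEN)`; `ArgumentMatchers.eq` is not among the imports visible in this file's import hunk. The same order-based stub recurs in the hunks at 303, 331, 365, 399, 456, 485 and 634, and every test body continues outside its hunk.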
@@ -303,8 +303,8 @@ public void authenticateWhenActorTokenNotActiveThenThrowOAuth2AuthenticationExce
 OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createExpiredAccessToken(ACTOR_TOKEN))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization, actorAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization, actorAuthorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -331,8 +331,8 @@ public void authenticateWhenActorTokenTypeJwtAndActorTokenFormatReferenceThenThr
 OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createAccessToken(ACTOR_TOKEN), withTokenFormat(OAuth2TokenFormat.REFERENCE))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization, actorAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization, actorAuthorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -365,8 +365,8 @@ public void authenticateWhenMayActAndActorIssClaimNotAuthorizedThenThrowOAuth2Au
 OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createAccessToken(ACTOR_TOKEN), withClaims(actorTokenClaims))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization, actorAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization, actorAuthorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -399,8 +399,8 @@ public void authenticateWhenMayActAndActorSubClaimNotAuthorizedThenThrowOAuth2Au
 OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createAccessToken(ACTOR_TOKEN), withClaims(actorTokenClaims))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization, actorAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization, actorAuthorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -428,8 +428,8 @@ public void authenticateWhenMayActAndImpersonationThenThrowOAuth2AuthenticationE
 .token(createAccessToken(SUBJECT_TOKEN), withClaims(Map.of("may_act", authorizedActorClaims)))
 .build();
 // @formatter:on
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -456,8 +456,8 @@ public void authenticateWhenInvalidScopeInRequestThenThrowOAuth2AuthenticationEx
 OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createAccessToken(ACTOR_TOKEN))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization, actorAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization, actorAuthorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -485,8 +485,8 @@ public void authenticateWhenInvalidScopeInSubjectAuthorizationThenThrowOAuth2Aut
 OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 .token(createAccessToken(ACTOR_TOKEN))
 .build();
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization, actorAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization, actorAuthorization);
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
 .isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -514,10 +514,10 @@ public void authenticateWhenNoActorTokenAndValidTokenExchangeThenReturnAccessTok
 .attribute(Principal.class.getName(), userPrincipal)
 .build();
 // @formatter:on
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization);
 OAuth2AccessToken accessToken = createAccessToken("token-value");
- when(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).thenReturn(accessToken);
+ given(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).willReturn(accessToken);
 OAuth2AccessTokenAuthenticationToken authenticationResult = (OAuth2AccessTokenAuthenticationToken) this.authenticationProvider
 .authenticate(authentication);
 assertThat(authenticationResult.getRegisteredClient()).isEqualTo(registeredClient);
@@ -571,10 +571,10 @@ public void authenticateWhenNoActorTokenAndPreviousActorThenReturnAccessTokenFor
 .attribute(Principal.class.getName(), subjectPrincipal)
 .build();
 // @formatter:on
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization);
 OAuth2AccessToken accessToken = createAccessToken("token-value");
- when(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).thenReturn(accessToken);
+ given(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).willReturn(accessToken);
 OAuth2AccessTokenAuthenticationToken authenticationResult = (OAuth2AccessTokenAuthenticationToken) this.authenticationProvider
 .authenticate(authentication);
 assertThat(authenticationResult.getRegisteredClient()).isEqualTo(registeredClient);
@@ -634,10 +634,10 @@ public void authenticateWhenActorTokenAndValidTokenExchangeThenReturnAccessToken
 .token(createAccessToken(ACTOR_TOKEN), withClaims(actor2.getClaims()))
 .build();
 // @formatter:on
- when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
- .thenReturn(subjectAuthorization, actorAuthorization);
+ given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+ .willReturn(subjectAuthorization, actorAuthorization);
 OAuth2AccessToken accessToken = createAccessToken("token-value");
- when(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).thenReturn(accessToken);
+ given(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).willReturn(accessToken);
 OAuth2AccessTokenAuthenticationToken authenticationResult = (OAuth2AccessTokenAuthenticationToken) this.authenticationProvider
 .authenticate(authentication);
 assertThat(authenticationResult.getRegisteredClient()).isEqualTo(registeredClient);
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProviderTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProviderTests.java
index c37da3f4c..b144fc208 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProviderTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProviderTests.java
@@ -55,9 +55,9 @@
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
 /**
 * Tests for {@link X509ClientCertificateAuthenticationProvider}.
@@ -153,16 +153,16 @@ public void authenticateWhenInvalidClientIdThenThrowOAuth2AuthenticationExceptio
 .clientAuthenticationMethod(ClientAuthenticationMethod.TLS_CLIENT_AUTH)
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId() + "-invalid", ClientAuthenticationMethod.TLS_CLIENT_AUTH,
 TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
 assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
- .satisfies(error -> {
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+ .satisfies((error) -> {
 assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_ID);
 });
@@ -171,16 +171,16 @@ public void authenticateWhenInvalidClientIdThenThrowOAuth2AuthenticationExceptio
 @Test
 public void authenticateWhenUnsupportedClientAuthenticationMethodThenThrowOAuth2AuthenticationException() {
 RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH,
 TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
 assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
- .satisfies(error -> {
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+ .satisfies((error) -> {
 assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 assertThat(error.getDescription()).contains("authentication_method");
 });
@@ -193,15 +193,15 @@ public void authenticateWhenX509CertificateNotProvidedThenThrowOAuth2Authenticat
 .clientAuthenticationMethod(ClientAuthenticationMethod.TLS_CLIENT_AUTH)
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH, null, null);
 assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
- .satisfies(error -> {
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+ .satisfies((error) -> {
 assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 assertThat(error.getDescription()).contains("credentials");
 });
@@ -219,16 +219,16 @@ public void authenticateWhenPKIX509CertificateInvalidSubjectDNThenThrowOAuth2Aut
 )
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH,
 TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
 assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
- .satisfies(error -> {
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+ .satisfies((error) -> {
 assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 assertThat(error.getDescription()).contains("x509_certificate_subject_dn");
 });
@@ -246,8 +246,8 @@ public void authenticateWhenPKIX509CertificateValidThenAuthenticated() {
 )
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH,
@@ -276,8 +276,8 @@ public void authenticateWhenSelfSignedX509CertificateInvalidIssuerThenThrowOAuth
 )
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 // PKI Certificate will have different issuer
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
@@ -285,8 +285,8 @@ public void authenticateWhenSelfSignedX509CertificateInvalidIssuerThenThrowOAuth
 TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
 assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
- .satisfies(error -> {
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+ .satisfies((error) -> {
 assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 assertThat(error.getDescription()).contains("x509_certificate_issuer");
 });
@@ -299,16 +299,16 @@ public void authenticateWhenSelfSignedX509CertificateMissingClientJwkSetUrlThenT
 .clientAuthenticationMethod(ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH)
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
 TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
 assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
- .satisfies(error -> {
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+ .satisfies((error) -> {
 assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 assertThat(error.getDescription()).contains("client_jwk_set_url");
 });
@@ -326,16 +326,16 @@ public void authenticateWhenSelfSignedX509CertificateInvalidClientJwkSetUrlThenT
 )
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
 TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
 assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
- .satisfies(error -> {
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+ .satisfies((error) -> {
 assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 assertThat(error.getDescription()).contains("jwk_set_uri");
 });
@@ -407,16 +407,16 @@ public MockResponse dispatch(RecordedRequest request) {
 )
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
 TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
 assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
- .satisfies(error -> {
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+ .satisfies((error) -> {
 assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 assertThat(error.getDescription()).contains(expectedErrorDescription);
 });
@@ -434,8 +434,8 @@ public void authenticateWhenSelfSignedX509CertificateValidThenAuthenticated() {
 )
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
@@ -465,14 +465,14 @@ public void authenticateWhenPkceAndValidCodeVerifierThenAuthenticated() {
 )
 .build();
 // @formatter:on
- when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
- .thenReturn(registeredClient);
+ given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+ .willReturn(registeredClient);
 OAuth2Authorization authorization = TestOAuth2Authorizations
 .authorization(registeredClient, createPkceAuthorizationParametersS256())
 .build();
- when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
- .thenReturn(authorization);
+ given(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
+ .willReturn(authorization);
 Map parameters = createPkceTokenParameters(S256_CODE_VERIFIER);
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AuthorizationServerContextFilterTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AuthorizationServerContextFilterTests.java
index 914134114..23532a7cd 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AuthorizationServerContextFilterTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AuthorizationServerContextFilterTests.java
@@ -21,7 +21,6 @@
 import java.util.concurrent.atomic.AtomicReference;
 import jakarta.servlet.FilterChain;
-
 import org.junit.jupiter.api.Test;
 import org.springframework.mock.web.MockHttpServletRequest;
@@ -49,7 +48,7 @@ class AuthorizationServerContextFilterTests {
 private AuthorizationServerContextFilter filter;
 @Test
- public void doFilterWhenDefaultEndpointsThenIssuerResolved() throws Exception {
+ void doFilterWhenDefaultEndpointsThenIssuerResolved() throws Exception {
 AuthorizationServerSettings authorizationServerSettings = AuthorizationServerSettings.builder().build();
 this.filter = new AuthorizationServerContextFilter(authorizationServerSettings);
@@ -63,7 +62,7 @@ public void doFilterWhenDefaultEndpointsThenIssuerResolved() throws Exception {
 }
 @Test
- public void doFilterWhenCustomEndpointsThenIssuerResolved() throws Exception {
+ void doFilterWhenCustomEndpointsThenIssuerResolved() throws Exception {
 AuthorizationServerSettings authorizationServerSettings = AuthorizationServerSettings.builder()
 .authorizationEndpoint("/oauth2/v1/authorize")
 .deviceAuthorizationEndpoint("/oauth2/v1/device_authorization")
@@ -88,7 +87,7 @@ public void doFilterWhenCustomEndpointsThenIssuerResolved() throws Exception {
 }
 @Test
- public void doFilterWhenIssuerHasMultiplePathsThenIssuerResolved() throws Exception {
+ void doFilterWhenIssuerHasMultiplePathsThenIssuerResolved() throws Exception {
 AuthorizationServerSettings authorizationServerSettings = AuthorizationServerSettings.builder().build();
 this.filter = new AuthorizationServerContextFilter(authorizationServerSettings);
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizersTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizersTests.java
index 42f53ae1b..c7853cd56 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizersTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizersTests.java
@@ -45,8 +45,8 @@
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.entry;
+import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
 /**
 * Tests for {@link DefaultOAuth2TokenCustomizers}.
@@ -98,7 +98,7 @@ void customizeWhenAuthorizationGrantIsNullThenNoClaimsAdded() {
 void customizeWhenTokenExchangeGrantAndResourcesThenNoClaimsAdded() {
 OAuth2TokenExchangeAuthenticationToken tokenExchangeAuthentication = mock(
 OAuth2TokenExchangeAuthenticationToken.class);
- when(tokenExchangeAuthentication.getResources()).thenReturn(Set.of("resource1", "resource2"));
+ given(tokenExchangeAuthentication.getResources()).willReturn(Set.of("resource1", "resource2"));
 // @formatter:off
 JwtEncodingContext tokenContext = JwtEncodingContext.with(this.jwsHeaderBuilder, this.jwtClaimsBuilder)
 .tokenType(OAuth2TokenType.ACCESS_TOKEN)
@@ -115,7 +115,7 @@ void customizeWhenTokenExchangeGrantAndResourcesThenNoClaimsAdded() {
 void customizeWhenTokenExchangeGrantAndAudiencesThenNoClaimsAdded() {
 OAuth2TokenExchangeAuthenticationToken tokenExchangeAuthentication = mock(
 OAuth2TokenExchangeAuthenticationToken.class);
- when(tokenExchangeAuthentication.getAudiences()).thenReturn(Set.of("audience1", "audience2"));
+ given(tokenExchangeAuthentication.getAudiences()).willReturn(Set.of("audience1", "audience2"));
 // @formatter:off
 JwtEncodingContext tokenContext = JwtEncodingContext.with(this.jwsHeaderBuilder, this.jwtClaimsBuilder)
 .tokenType(OAuth2TokenType.ACCESS_TOKEN)
@@ -132,7 +132,7 @@ void customizeWhenTokenExchangeGrantAndAudiencesThenNoClaimsAdded() {
 void customizeWhenTokenExchangeGrantAndDelegationThenActClaimAdded() {
 OAuth2TokenExchangeAuthenticationToken tokenExchangeAuthentication = mock(
 OAuth2TokenExchangeAuthenticationToken.class);
- when(tokenExchangeAuthentication.getAudiences()).thenReturn(Collections.emptySet());
+ given(tokenExchangeAuthentication.getAudiences()).willReturn(Collections.emptySet());
 Authentication subject = new TestingAuthenticationToken("subject", null);
 OAuth2TokenExchangeActor actor1 = new OAuth2TokenExchangeActor(
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/JwkSetTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/JwkSetTests.java
index 6c0d27a11..b1ae5b760 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/JwkSetTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/JwkSetTests.java
@@ -113,7 +113,7 @@ public void requestWhenJwkSetThenReturnKeys() throws Exception {
 public void requestWhenJwkSetCustomEndpointThenReturnKeys() throws Exception {
 this.spring.register(AuthorizationServerConfigurationCustomEndpoints.class).autowire();
- assertJwkSetRequestThenReturnKeys(authorizationServerSettings.getJwkSetEndpoint());
+ assertJwkSetRequestThenReturnKeys(this.authorizationServerSettings.getJwkSetEndpoint());
 }
 @Test
@@ -121,7 +121,7 @@ public void requestWhenJwkSetRequestIncludesIssuerPathThenReturnKeys() throws Ex
 this.spring.register(AuthorizationServerConfigurationCustomEndpoints.class).autowire();
 String issuer = "https://example.com:8443/issuer1";
- assertJwkSetRequestThenReturnKeys(issuer.concat(authorizationServerSettings.getJwkSetEndpoint()));
+ assertJwkSetRequestThenReturnKeys(issuer.concat(this.authorizationServerSettings.getJwkSetEndpoint()));
 }
 private void assertJwkSetRequestThenReturnKeys(String jwkSetEndpointUri) throws Exception {
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java
index d1df383b4..bf0258942 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java
@@ -947,7 +947,7 @@ public void requestWhenAuthorizationAndTokenRequestIncludesIssuerPathThenIssuerR
 .andReturn();
 ArgumentCaptor tokenContextCaptor = ArgumentCaptor.forClass(OAuth2TokenContext.class);
- verify(tokenGenerator).generate(tokenContextCaptor.capture());
+ verify(this.tokenGenerator).generate(tokenContextCaptor.capture());
 OAuth2TokenContext tokenContext = tokenContextCaptor.getValue();
 assertThat(tokenContext.getAuthorizationServerContext().getIssuer()).isEqualTo(issuer);
 }
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java
index 2c3a5a521..9f4f95d33 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java
@@ -442,9 +442,9 @@ public void requestWhenIntrospectionRequestIncludesIssuerPathThenActive() throws
 OAuth2TokenIntrospectionAuthenticationToken tokenIntrospectionAuthentication = new OAuth2TokenIntrospectionAuthenticationToken(
 accessToken.getTokenValue(), clientPrincipal, null, null);
- when(authenticationConverter.convert(any())).thenReturn(tokenIntrospectionAuthentication);
- when(authenticationProvider.supports(eq(OAuth2TokenIntrospectionAuthenticationToken.class))).thenReturn(true);
- when(authenticationProvider.authenticate(any())).thenReturn(tokenIntrospectionAuthentication);
+ given(authenticationConverter.convert(any())).willReturn(tokenIntrospectionAuthentication);
+ given(authenticationProvider.supports(eq(OAuth2TokenIntrospectionAuthenticationToken.class))).willReturn(true);
+ given(authenticationProvider.authenticate(any())).willReturn(tokenIntrospectionAuthentication);
 String issuer = "https://example.com:8443/issuer1";
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java
index 82d86d1db..f39dfa8db 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java
@@ -24,12 +24,11 @@
 import java.util.function.Consumer;
 import java.util.function.Function;
-import jakarta.servlet.http.HttpServletResponse;
-
 import com.nimbusds.jose.jwk.JWKSet;
 import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
 import com.nimbusds.jose.jwk.source.JWKSource;
 import com.nimbusds.jose.proc.SecurityContext;
+import jakarta.servlet.http.HttpServletResponse;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilterTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilterTests.java
index 0185781b7..98a8cbbff 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilterTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilterTests.java
@@ -68,13 +68,11 @@
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.assertj.core.api.Assertions.entry;
-import static org.assertj.core.api.InstanceOfAssertFactories.type;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.verifyNoInteractions;
-import static org.mockito.Mockito.when;
 /**
 * Tests for {@link OAuth2TokenEndpointFilter}.
@@ -280,7 +278,7 @@ public void doFilterWhenAuthorizationCodeTokenRequestThenAccessTokenResponse() t
 entry("custom-param-1", "custom-value-1"),
 entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
 assertThat(authorizationCodeAuthentication.getDetails())
- .asInstanceOf(type(WebAuthenticationDetails.class))
+ .asInstanceOf(InstanceOfAssertFactories.type(WebAuthenticationDetails.class))
 .extracting(WebAuthenticationDetails::getRemoteAddress)
 .isEqualTo(REMOTE_ADDRESS);
@@ -345,7 +343,7 @@ public void doFilterWhenClientCredentialsTokenRequestThenAccessTokenResponse() t
 entry("custom-param-1", "custom-value-1"),
 entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
 assertThat(clientCredentialsAuthentication.getDetails())
- .asInstanceOf(type(WebAuthenticationDetails.class))
+ .asInstanceOf(InstanceOfAssertFactories.type(WebAuthenticationDetails.class))
 .extracting(WebAuthenticationDetails::getRemoteAddress)
 .isEqualTo(REMOTE_ADDRESS);
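Review bot: `InstanceOfAssertFactories` is now referenced by its class name in the four `asInstanceOf(...)` call sites of this file, but the import hunk at old line 68 only removes `import static org.assertj.core.api.InstanceOfAssertFactories.type;` and adds nothing in its place. That hunk is the first one shown for the file and both of its sides start at line 68, so no import line was added above it. Unless the class was already imported before this change (not visible here), the test class will not compile; in that case add `import org.assertj.core.api.InstanceOfAssertFactories;` to the regular import block.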
@@ -434,7 +432,7 @@ public void doFilterWhenRefreshTokenRequestThenAccessTokenResponse() throws Exce
 entry("custom-param-1", "custom-value-1"),
 entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
 assertThat(refreshTokenAuthenticationToken.getDetails())
- .asInstanceOf(type(WebAuthenticationDetails.class))
+ .asInstanceOf(InstanceOfAssertFactories.type(WebAuthenticationDetails.class))
 .extracting(WebAuthenticationDetails::getRemoteAddress)
 .isEqualTo(REMOTE_ADDRESS);
@@ -466,7 +464,7 @@ public void doFilterWhenTokenExchangeRequestThenAccessTokenResponse() throws Exc
 OAuth2AccessTokenAuthenticationToken accessTokenAuthentication = new OAuth2AccessTokenAuthenticationToken(
 registeredClient, clientPrincipal, accessToken, refreshToken);
- when(this.authenticationManager.authenticate(any())).thenReturn(accessTokenAuthentication);
+ given(this.authenticationManager.authenticate(any())).willReturn(accessTokenAuthentication);
 SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
 securityContext.setAuthentication(clientPrincipal);
@@ -495,7 +493,8 @@ public void doFilterWhenTokenExchangeRequestThenAccessTokenResponse() throws Exc
 assertThat(tokenExchangeAuthenticationToken.getAdditionalParameters()).containsExactly(
 entry("custom-param-1", "custom-value-1"),
 entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
- assertThat(tokenExchangeAuthenticationToken.getDetails()).asInstanceOf(type(WebAuthenticationDetails.class))
+ assertThat(tokenExchangeAuthenticationToken.getDetails())
+ .asInstanceOf(InstanceOfAssertFactories.type(WebAuthenticationDetails.class))
 .extracting(WebAuthenticationDetails::getRemoteAddress)
 .isEqualTo(REMOTE_ADDRESS);
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests.java
index b144ee896..f30a9a8f5 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests.java
@@ -108,7 +108,7 @@ public void onAuthenticationSuccessWhenInvalidAuthenticationTypeThenThrowOAuth2A
 assertThatThrownBy(() -> this.authenticationSuccessHandler.onAuthenticationSuccess(request, response,
 new TestingAuthenticationToken(this.clientPrincipal, null)))
 .isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
 .extracting("errorCode")
 .isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
 }
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverterTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverterTests.java
index 42e934486..fcd44888e 100644
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverterTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverterTests.java
@@ -63,7 +63,7 @@ public void convertWhenMissingClientIdThenInvalidRequestError() {
 request.setAttribute("jakarta.servlet.request.X509Certificate",
 TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE);
 assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
 .extracting("errorCode")
 .isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
 }
@@ -76,7 +76,7 @@ public void convertWhenMultipleClientIdThenInvalidRequestError() {
 request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-1");
 request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-2");
 assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
- .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
+ .extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
 .extracting("errorCode")
 .isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
 }