Reputation: 323
Integration tests of an OAuth2 authentication service?
So I'm trying to learn how to use Spring Boot services, decided the place to start was an OAuth2 authentication service. Of course, I want some integration tests to make sure my auth is running properly. My problem is, I can get a token using curl just fine, however when I try to grab one through I get a 400 error and the following JSON
{"error":"invalid_request","error_description":"Missing grant type"}
The curl command I'm using is
curl -v my-trusted-client:@localhost:9999/oauth/token -d grant_type=password -d username=user -d password=password
Integration test code is
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = AuthApplication.class)
@WebIntegrationTest
public class AuthServiceIntegrationTest {
@Value("${server.port}")
private int port;
@Value("${security.user.name}")
private String username;
@Value("${security.user.password}")
private String password;
private RestTemplate template = new TestRestTemplate("my-trusted-client","");
@Test
public void testTokenGet() throws Exception{
String url = "http://localhost:"+port+"/oauth/token";
Map<String, String> data = new HashMap<>();
data.put("grant_type", "password");
data.put("username", username);
data.put("password", password);
ResponseEntity<String> token = template.postForEntity(url, data, String.class);
assertEquals(HttpStatus.OK, token.getStatusCode());
}
}
And the config is
@Configuration
@EnableAuthorizationServer
public class OAuthConfiguration extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("my-trusted-client")
.authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
.scopes("read", "write", "trust")
.resourceIds("oauth2-resource")
.accessTokenValiditySeconds(60)
.and()
.withClient("my-client-with-registered-redirect")
.authorizedGrantTypes("authorization_code")
.authorities("ROLE_CLIENT")
.scopes("read", "trust")
.resourceIds("oauth2-resource")
.redirectUris("http://anywhere?key=value")
.and()
.withClient("my-client-with-secret")
.authorizedGrantTypes("client_credentials", "password")
.authorities("ROLE_CLIENT")
.scopes("read")
.resourceIds("oauth2-resource")
.secret("secret");
}
}
Pretty much copied and pasted from https://github.com/dsyer/spring-oauth2-integration-tests/blob/master/vanilla/src/main/java/demo/Application.java
Any insights into what I'm doing wrong?
Upvotes: 1
Views: 1835
Answers (1)
Reputation: 58114
I think you need a MultiValueMap (not a regular Map) to persuade the rest template to send form-encoded data in the request body.
Upvotes: 2
Related Questions
- Spring Integration Tests for Resource Server (based on spring-cloud-starter-oauth2)
- Mock OAuth server for testing
- How to mock authentication and authorization with Spring Security
- How to test spring-security-oauth2 resource server security?
- Spring oauth2 and integration tests
- How to test the spring check_token endpoint
- Automated API testing of OAuth2/OpenID Connect protected API
- Java Spring MVC integration test create OAuth2 Principal
- How to test a resource with OAuth2 and Mock
- Spring OAuth and Boot Integration Test