OAuth2身份验证服务的集成测试?

时间:2015-10-14 11:01:54

标签: java spring spring-security spring-security-oauth2

所以我试图学习如何使用Spring Boot服务,决定开始的地方是OAuth2身份验证服务。当然,我想要一些集成测试来确保我的auth正常运行。我的问题是,我可以使用curl获得一个令牌,但是当我尝试抓住一个时,我得到一个400错误和以下JSON 

{"error":"invalid_request","error_description":"Missing grant type"}

我使用的curl命令是

curl -v my-trusted-client:@localhost:9999/oauth/token -d grant_type=password -d username=user -d password=password

集成测试代码

@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = AuthApplication.class)
@WebIntegrationTest
public class AuthServiceIntegrationTest {
    @Value("${server.port}")
    private int port;

    @Value("${security.user.name}")
    private String username;

    @Value("${security.user.password}")
    private String password;

    private RestTemplate template = new TestRestTemplate("my-trusted-client","");

    @Test
    public void testTokenGet() throws Exception{
        String url = "http://localhost:"+port+"/oauth/token";
        Map<String, String> data = new HashMap<>();
        data.put("grant_type", "password");
        data.put("username", username);
        data.put("password", password);
        ResponseEntity<String> token = template.postForEntity(url, data, String.class);
        assertEquals(HttpStatus.OK, token.getStatusCode());
    }
}

配置是

@Configuration
@EnableAuthorizationServer
public class OAuthConfiguration extends AuthorizationServerConfigurerAdapter {

     @Autowired
     private AuthenticationManager authenticationManager;

     @Override
     public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
         endpoints.authenticationManager(authenticationManager);
     }

     @Override
     public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
         clients.inMemory()
                .withClient("my-trusted-client")
                    .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
                    .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                    .scopes("read", "write", "trust")
                    .resourceIds("oauth2-resource")
                    .accessTokenValiditySeconds(60)
                .and()
                    .withClient("my-client-with-registered-redirect")
                    .authorizedGrantTypes("authorization_code")
                    .authorities("ROLE_CLIENT")
                    .scopes("read", "trust")
                    .resourceIds("oauth2-resource")
                    .redirectUris("http://anywhere?key=value")
                .and()
                    .withClient("my-client-with-secret")
                    .authorizedGrantTypes("client_credentials", "password")
                    .authorities("ROLE_CLIENT")
                    .scopes("read")
                    .resourceIds("oauth2-resource")
                    .secret("secret");
    }
}

几乎从https://github.com/dsyer/spring-oauth2-integration-tests/blob/master/vanilla/src/main/java/demo/Application.java

复制并粘贴

对我做错的任何见解?

1 个答案:

答案 0 :(得分:2)

我认为您需要MultiValueMap(不是常规Map)来说服其余模板在请求正文中发送表单编码数据。

相关问题
最新问题