Implement support for user consent #4

Manually merged
ansv7779 merged 13 commits from user-consent into main 2025-04-25 10:22:44 +02:00
2 changed files with 14 additions and 4 deletions
Showing only changes of commit 119e27f5da - Show all commits


@ -81,6 +81,7 @@ public class ConsentController {
} }
return Arrays.stream(scopeString.split(" ")) return Arrays.stream(scopeString.split(" "))
.filter(s -> !s.isBlank()) .filter(s -> !s.isBlank())
.filter(scope -> !scope.equals("openid"))
.collect(Collectors.toSet()); .collect(Collectors.toSet());
} }
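Review bot: The new `.filter(scope -> !scope.equals("openid"))` hides a scope from the consent screen with no comment saying why, and it sits in a parsing helper whose start is outside this hunk. If any caller uses the returned set for more than rendering the consent form (for example to decide which scopes are recorded as granted), `openid` would be dropped there too; that cannot be confirmed from the lines shown. I would add a comment above the filter such as `// openid only marks the request as OIDC and is never shown for consent; keep this an exact match so no data-releasing scope is hidden`. If the project uses Spring Security's OIDC support, compare against `OidcScopes.OPENID` rather than the string literal.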


@ -22,6 +22,7 @@ import java.nio.charset.StandardCharsets;
import java.util.Set; import java.util.Set;
import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.not;
import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
@ -84,13 +85,20 @@ public class ConsentFlowTest extends AbstractMetadataTest {
@Test @Test
public void shows_requested_scopes() throws Exception { public void shows_requested_scopes() throws Exception {
attemptAuthorizationWithConsentResponseUsingScopes("some-other-end-user", Set.of("openid", "profile")) attemptAuthorizationWithConsentResponseUsingScopes("some-other-end-user", Set.of("openid", "email", "profile"))
.andExpect(status().isOk()) .andExpect(status().isOk())
.andExpectAll( .andExpectAll(
content().string(containsString("openid")), content().string(containsString("email")),
content().string(containsString("profile"))); content().string(containsString("profile")));
} }
@Test
public void does_not_ask_for_consent_for_openid_scope() throws Exception {
attemptAuthorizationWithConsentResponseUsingScopes("some-other-end-user", Set.of("openid", "profile"))
.andExpect(status().isOk())
.andExpect(content().string(not(containsString("openid"))));
}
private ResultActions attemptAuthorizationWithConsentResponse(String principal) throws Exception { private ResultActions attemptAuthorizationWithConsentResponse(String principal) throws Exception {
Set<String> scopes = Set.of(); Set<String> scopes = Set.of();
return attemptAuthorizationWithConsentResponseUsingScopes(principal, scopes); return attemptAuthorizationWithConsentResponseUsingScopes(principal, scopes);
@ -109,8 +117,9 @@ public class ConsentFlowTest extends AbstractMetadataTest {
.andExpect(redirectedUrlPattern("**/oauth2/consent?**")) .andExpect(redirectedUrlPattern("**/oauth2/consent?**"))
.andReturn(); .andReturn();
String consentUrl = result.getResponse().getRedirectedUrl(); String redirectedUrl = result.getResponse().getRedirectedUrl();
assertNotNull(consentUrl, "Should have redirected to the consent page"); assertNotNull(redirectedUrl, "Should have redirected to the consent page");
String consentUrl = URLDecoder.decode(redirectedUrl, StandardCharsets.UTF_8);
return mockMvc.perform(get(consentUrl) return mockMvc.perform(get(consentUrl)
.with(remoteUser(principal))); .with(remoteUser(principal)));
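Review bot: `URLDecoder.decode(redirectedUrl, StandardCharsets.UTF_8)` form-decodes the entire redirect URL, query string included, before it is handed to `get(consentUrl)`. Any parameter value that carries an encoded `&`, `=`, `+` or `%` (a `state` value is a likely candidate) would be split or altered, and a decoded `{` would be read as a URI-template variable. The test could then request a different consent URL than the one the server issued. Passing the redirect through unchanged avoids both the double encoding and the decoding: `return mockMvc.perform(get(URI.create(redirectedUrl))`, with an import of `java.net.URI`. The helper's signature and closing brace are outside this hunk.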