Polish OpaqueTokenAuthenticationConverterTests

Issue gh-11665

config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java

@@ -1391,11 +1391,10 @@ public class OAuth2ResourceServerConfigurerTests {
 	}
 
 	@Test
-	public void getWhenCustomAuthenticationConverterThenConverts() throws Exception {
+	public void getWhenCustomAuthenticationConverterThenUsed() throws Exception {
 		this.spring.register(RestOperationsConfig.class, OpaqueTokenAuthenticationConverterConfig.class,
 				BasicController.class).autowire();
-		OpaqueTokenAuthenticationConverter authenticationConverter = this.spring.getContext()
-				.getBean(OpaqueTokenAuthenticationConverter.class);
+		OpaqueTokenAuthenticationConverter authenticationConverter = bean(OpaqueTokenAuthenticationConverter.class);
 		given(authenticationConverter.convert(anyString(), any(OAuth2AuthenticatedPrincipal.class)))
 				.willReturn(new TestingAuthenticationToken("jdoe", null, Collections.emptyList()));
 		mockRestOperations(json("Active"));
@@ -1404,6 +1403,7 @@ public class OAuth2ResourceServerConfigurerTests {
 				.andExpect(status().isOk())
 				.andExpect(content().string("jdoe"));
 		// @formatter:on
+		verify(authenticationConverter).convert(any(), any());
 	}
 
 	private static <T> void registerMockBean(GenericApplicationContext context, String name, Class<T> clazz) {

config/src/test/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests.java

@@ -23,7 +23,6 @@ import java.security.interfaces.RSAPublicKey;
 import java.time.Clock;
 import java.time.Instant;
 import java.time.ZoneId;
-import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -69,17 +68,14 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.RequestEntity;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationManagerResolver;
 import org.springframework.security.authentication.AuthenticationServiceException;
+import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.config.http.OAuth2ResourceServerBeanDefinitionParser.JwtBeanDefinitionParser;
 import org.springframework.security.config.http.OAuth2ResourceServerBeanDefinitionParser.OpaqueTokenBeanDefinitionParser;
 import org.springframework.security.config.test.SpringTestContext;
 import org.springframework.security.config.test.SpringTestContextExtension;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolderStrategy;
-import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
 import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.oauth2.core.OAuth2TokenValidator;
 import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult;
@@ -673,13 +669,13 @@ public class OAuth2ResourceServerBeanDefinitionParserTests {
 		this.spring.configLocations(xml("OpaqueTokenRestOperations"), xml("OpaqueTokenAndAuthenticationConverter"))
 				.autowire();
 		mockRestOperations(json("Active"));
+		OpaqueTokenAuthenticationConverter converter = bean(OpaqueTokenAuthenticationConverter.class);
+		given(converter.convert(any(), any())).willReturn(new TestingAuthenticationToken("user", "pass", "app"));
 		// @formatter:off
 		this.mvc.perform(get("/authenticated").header("Authorization", "Bearer token"))
 				.andExpect(status().isNotFound());
-
-		this.mvc.perform(get("/authenticated").header("Authorization", "Bearer invalidToken"))
-				.andExpect(status().isUnauthorized());
 		// @formatter:on
+		verify(converter).convert(any(), any());
 	}
 
 	@Test
@@ -1116,39 +1112,4 @@ public class OAuth2ResourceServerBeanDefinitionParserTests {
 
 	}
 
-	public static class TestAuthentication extends AbstractAuthenticationToken {
-
-		private final String introspectedToken;
-
-		public TestAuthentication(String introspectedToken, Collection<? extends GrantedAuthority> authorities) {
-			super(authorities);
-			this.introspectedToken = introspectedToken;
-		}
-
-		@Override
-		public Object getCredentials() {
-			return this.introspectedToken;
-		}
-
-		@Override
-		public Object getPrincipal() {
-			return this.introspectedToken;
-		}
-
-		@Override
-		public boolean isAuthenticated() {
-			return "token".equals(this.introspectedToken);
-		}
-
-	}
-
-	public static class TestOpaqueTokenAuthenticationConverter implements OpaqueTokenAuthenticationConverter {
-
-		@Override
-		public Authentication convert(String introspectedToken, OAuth2AuthenticatedPrincipal authenticatedPrincipal) {
-			return new TestAuthentication(introspectedToken, Collections.emptyList());
-		}
-
-	}
-
 }

config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-OpaqueTokenAndAuthenticationConverter.xml

@@ -22,7 +22,8 @@
 		http://www.springframework.org/schema/beans https://www.springframework.org/schema/beans/spring-beans.xsd">
 
 	<b:bean name="authentication-converter"
-			class="org.springframework.security.config.http.OAuth2ResourceServerBeanDefinitionParserTests$TestOpaqueTokenAuthenticationConverter">
+			class="org.mockito.Mockito" factory-method="mock">
+		<b:constructor-arg value="org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenAuthenticationConverter"/>
 	</b:bean>
 
 	<http>