oidcLogin MockMvc Documentation

Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618

samples/boot/oauth2login/src/test/java/sample/web/OAuth2LoginControllerTests.java

@@ -23,12 +23,11 @@ import org.junit.runner.RunWith;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.boot.test.context.TestConfiguration;
+import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
-import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
@@ -46,20 +45,23 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
  * @author Josh Cummings
  */
 @RunWith(SpringRunner.class)
-@WebMvcTest
-@Import({OAuth2LoginController.class, OAuth2LoginControllerTests.OAuth2ClientConfig.class})
+@WebMvcTest(OAuth2LoginController.class)
 public class OAuth2LoginControllerTests {
 
-	static ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("test")
-			.authorizationGrantType(AuthorizationGrantType.PASSWORD)
-			.clientId("my-client-id")
-			.clientName("my-client-name")
-			.tokenUri("https://token-uri.example.org")
-			.build();
-
 	@Autowired
 	MockMvc mvc;
 
+	@MockBean
+	ClientRegistrationRepository clientRegistrationRepository;
+
+	@TestConfiguration
+	static class AuthorizedClient {
+		@Bean
+		public OAuth2AuthorizedClientRepository authorizedClientRepository() {
+			return new HttpSessionOAuth2AuthorizedClientRepository();
+		}
+	}
+
 	@Test
 	public void rootWhenAuthenticatedReturnsUserAndClient() throws Exception {
 		this.mvc.perform(get("/").with(oidcLogin()))
@@ -70,6 +72,13 @@ public class OAuth2LoginControllerTests {
 
 	@Test
 	public void rootWhenOverridingClientRegistrationReturnsAccordingly() throws Exception {
+		ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("test")
+				.authorizationGrantType(AuthorizationGrantType.PASSWORD)
+				.clientId("my-client-id")
+				.clientName("my-client-name")
+				.tokenUri("https://token-uri.example.org")
+				.build();
+
 		this.mvc.perform(get("/").with(oidcLogin()
 				.clientRegistration(clientRegistration)
 				.idToken(i -> i.subject("spring-security"))))
@@ -77,18 +86,4 @@ public class OAuth2LoginControllerTests {
 				.andExpect(model().attribute("clientName", "my-client-name"))
 				.andExpect(model().attribute("userAttributes", Collections.singletonMap(SUB, "spring-security")));
 	}
-
-	@Configuration
-	static class OAuth2ClientConfig {
-
-		@Bean
-		ClientRegistrationRepository clientRegistrationRepository() {
-			return new InMemoryClientRegistrationRepository(clientRegistration);
-		}
-
-		@Bean
-		OAuth2AuthorizedClientRepository authorizedClientRepository() {
-			return new HttpSessionOAuth2AuthorizedClientRepository();
-		}
-	}
 }

test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java

@@ -1161,10 +1161,6 @@ public final class SecurityMockMvcRequestPostProcessors {
 		 * annotations should register an {@link HttpSessionOAuth2AuthorizedClientRepository} bean
 		 * to the application context.
 		 *
-		 * The client registration must be a valid {@link ClientRegistration} from the
-		 * {@link org.springframework.security.oauth2.client.registration.ClientRegistrationRepository}
-		 * in the application context.
-		 *
 		 * @param clientRegistration the {@link ClientRegistration} to use
 		 * @return the {@link OidcLoginRequestPostProcessor} for further configuration
 		 */

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java

@@ -34,11 +34,9 @@ import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
-import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.test.context.TestSecurityContextHolder;
 import org.springframework.test.context.ContextConfiguration;
@@ -52,9 +50,7 @@ import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 
-import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.Mockito.mock;
-import static org.powermock.api.mockito.PowerMockito.when;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oidcLogin;
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
@@ -105,15 +101,7 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests {
 	public void oidcLoginWhenUsingDefaultsThenProducesDefaultAuthorizedClient()
 			throws Exception {
 
-		ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("test")
-				.authorizationGrantType(AuthorizationGrantType.PASSWORD)
-				.clientId("test-client")
-				.tokenUri("https://token-uri.example.org")
-				.build();
-		ClientRegistrationRepository repository = this.context.getBean(ClientRegistrationRepository.class);
-		when(repository.findByRegistrationId(anyString())).thenReturn(clientRegistration);
-
-		this.mvc.perform(get("/access-token").with(oidcLogin().clientRegistration(clientRegistration)))
+		this.mvc.perform(get("/access-token").with(oidcLogin()))
 				.andExpect(content().string("access-token"));
 	}