Samsung · m-rudyk · Oct 24, 2023 · Oct 23, 2023 · Oct 23, 2023 · Oct 24, 2023
@@ -5,7 +5,7 @@
  * found in the LICENSE file.
  */
 
-package com.lpvs.auth;
+package com.lpvs.entity.auth;
 
 import com.lpvs.entity.LPVSMember;
 import lombok.Getter;

@@ -5,12 +5,13 @@
  * found in the LICENSE file.
  */
 
-package com.lpvs.auth;
+package com.lpvs.entity.auth;
 
 import java.util.Arrays;
 import java.util.Map;
 import java.util.function.Function;
 
+@SuppressWarnings("unchecked")
 public enum OAuthAttributes {
     GOOGLE("google", (attributes) -> {
         MemberProfile memberProfile = new MemberProfile();
@@ -55,7 +56,8 @@ public enum OAuthAttributes {
         this.of = of;
     }
 
-    public static MemberProfile extract(String registrationId, Map<String, Object> attributes) {
+    public static MemberProfile 
+    extract(String registrationId, Map<String, Object> attributes) {
         return Arrays.stream(values())
                 .filter(provider -> registrationId.equals(provider.registrationId))
                 .findFirst()

@@ -5,11 +5,13 @@
  * found in the LICENSE file.
  */
 
-package com.lpvs.auth;
+package com.lpvs.entity.auth;
 
 import com.lpvs.entity.LPVSMember;
 import com.lpvs.repository.LPVSMemberRepository;
 import lombok.RequiredArgsConstructor;
+
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
@@ -28,10 +30,18 @@
 public class OAuthService implements OAuth2UserService<OAuth2UserRequest, OAuth2User> {
 
     private final LPVSMemberRepository lpvsMemberRepository;
+
+    private DefaultOAuth2UserService oAuth2UserService = null;
+
+    @Autowired
+    public OAuthService(LPVSMemberRepository lpvsMemberRepository, DefaultOAuth2UserService oAuth2UserService) {
+        this.lpvsMemberRepository = lpvsMemberRepository;
+        this.oAuth2UserService = oAuth2UserService;
+    }   
 
     @Override
     public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
-        OAuth2UserService delegate = new DefaultOAuth2UserService();
+        OAuth2UserService <OAuth2UserRequest, OAuth2User> delegate = (null != oAuth2UserService)? oAuth2UserService : new DefaultOAuth2UserService();
         OAuth2User oAuth2User = delegate.loadUser(userRequest);
 
         String registrationId = userRequest.getClientRegistration().getRegistrationId();
@@ -49,6 +59,7 @@ public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2Authentic
 
         Map<String, Object> customAttribute = customAttribute(attributes, userNameAttributeName,
                 memberProfile, registrationId);
+
 
         return new DefaultOAuth2User(Collections.singleton(new SimpleGrantedAuthority("USER")),
                 customAttribute,

@@ -5,18 +5,30 @@
  * found in the LICENSE file.
  */
 
-package com.lpvs.auth;
+package com.lpvs.entity.auth;
 
 import lombok.RequiredArgsConstructor;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.util.UriComponentsBuilder;
 
 @EnableWebSecurity
 @RequiredArgsConstructor
@@ -48,7 +60,23 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .anyRequest().permitAll()
                 .and()
                 .oauth2Login()
-                .successHandler(new MyAuthenticationSuccessHandler())
+                .successHandler(new AuthenticationSuccessHandler() {
+                    @Value("${frontend.main-page.url:}")
+                    private String frontendMainPageUrl;
+
+                    private String REDIRECT_URI = frontendMainPageUrl+"/login/callback";
+
+                    @Override
+                    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+                        OAuth2User oAuth2User = (OAuth2User) authentication.getPrincipal();
+                        System.out.println("oAuth2User = " + oAuth2User);
+
+                        response.sendRedirect(UriComponentsBuilder.fromUriString(REDIRECT_URI)
+                                .queryParam("accessToken", "accessToken")
+                                .queryParam("refreshToken", "refreshToken")
+                                .build().encode(StandardCharsets.UTF_8).toUriString());
+                    }
+                })
                 .defaultSuccessUrl(frontendMainPageUrl, true)
                 .userInfoEndpoint()
                 .userService(oAuthService);

@@ -0,0 +1,41 @@
+/**
+ * Copyright (c) 2023, Samsung Electronics Co., Ltd. All rights reserved.
+ * <p>
+ * Use of this source code is governed by a MIT license that can be
+ * found in the LICENSE file.
+ */
+
+package com.lpvs.entity.auth;
+
+import org.junit.jupiter.api.Test;
+
+import com.lpvs.entity.LPVSMember;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+
+
+public class MemberProfileTest {
+
+    @Test
+    public void testConstructor() {
+        MemberProfile profile = new MemberProfile();
+        assertNull(profile.getName());
+        assertNull(profile.getEmail());
+        assertNull(profile.getProvider());
+        assertNull(profile.getNickname());
+    }
+
+    @Test
+    public void testToMember() {
+        MemberProfile profile = new MemberProfile();
+        profile.setName("John");
+        profile.setEmail("[email protected]");
+        profile.setProvider("OAuth2");
+        LPVSMember member = profile.toMember();
+
+        assertEquals("John", member.getName());
+        assertEquals("[email protected]", member.getEmail());
+        assertEquals("OAuth2", member.getProvider());
+    }
+}
@@ -0,0 +1,40 @@
+/**
+ * Copyright (c) 2023, Samsung Electronics Co., Ltd. All rights reserved.
+ * <p>
+ * Use of this source code is governed by a MIT license that can be
+ * found in the LICENSE file.
+ */
+
+package com.lpvs.entity.auth;
+
+import org.junit.jupiter.api.Test;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class OAuthAttributesTest {
+
+    @Test
+    public void testExtractOAuthAttributes() {
+        Map<String, Object> attributes = new HashMap<String, Object>() {{
+            put("name", "testName");
+            put("email", "testEmail");
+        }};;
+        MemberProfile profile = OAuthAttributes.extract("google", attributes);
+        assertEquals("testName", profile.getName());
+        assertEquals("testEmail", profile.getEmail());
+    }
+
+    @Test
+    public void testExtractOAuthAttributesUnknownProvider() {
+        Map<String, Object> attributes = new HashMap<String, Object>() {{
+            put("name", "testName");
+            put("email", "testEmail");
+        }};;
+        assertThrows(IllegalArgumentException.class, () -> {
+            OAuthAttributes.extract("unknown", attributes);
+        });
+    }
+}
@@ -0,0 +1,62 @@
+package com.lpvs.entity.auth;
+
+import com.lpvs.repository.LPVSMemberRepository;
+
+import org.junit.jupiter.api.Test;
+import org.mockito.Mockito;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import static org.mockito.Mockito.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+public class OAuthServiceTest {
+
+    @Test
+    public void testLoadUser() throws OAuth2AuthenticationException {
+
+        // Create a mock LPVSMemberRepository
+        LPVSMemberRepository lpvsMemberRepository = mock(LPVSMemberRepository.class);
+
+        // Create a sample OAuth2UserRequest
+        ClientRegistration clientRegistration = ClientRegistration
+                .withRegistrationId("google")
+                .userInfoUri("https://example.com/userinfo")
+                .userNameAttributeName("email")
+                .authorizationGrantType(AuthorizationGrantType.PASSWORD)
+                .clientId("id")
+                .tokenUri("https://example.com/tokenuri")
+                .build();
+        OAuth2UserRequest userRequest = new OAuth2UserRequest(
+                clientRegistration,
+                new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token", null, null));
+
+        Map<String, Object> attributes = new LinkedHashMap<>();
+        attributes.put("email", "testEmail");
+        attributes.put("name", "testName");
+        OAuth2User oAuth2User = new DefaultOAuth2User(Collections.singleton(new SimpleGrantedAuthority("USER")), attributes, "email");
+
+        // Mock the behavior of DefaultOAuth2UserService
+        DefaultOAuth2UserService defaultUserService = Mockito.mock(DefaultOAuth2UserService.class);
+        when(defaultUserService.loadUser(userRequest)).thenReturn(oAuth2User);
+
+        // Create an instance of your OAuthService with the mocked DefaultOAuth2UserService
+        OAuthService oAuthService = new OAuthService(lpvsMemberRepository, defaultUserService);
+
+        OAuth2User loadedUser = oAuthService.loadUser(userRequest);
+
+        assertEquals("testEmail", loadedUser.getAttribute("email"));
+        assertEquals("testName", loadedUser.getAttribute("name"));
+        assertEquals("google", loadedUser.getAttribute("provider"));
+    }
+}