Examples of OAuth2Authentication

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

253
254
255
256
257
258
259
260
261
262
263
  public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token) {
    return readAuthenticationForRefreshToken(token.getValue());
  }

  public OAuth2Authentication readAuthenticationForRefreshToken(String value) {
    OAuth2Authentication authentication = null;

    try {
      authentication = jdbcTemplate.queryForObject(selectRefreshTokenAuthenticationSql,
          new RowMapper<OAuth2Authentication>() {
            public OAuth2Authentication mapRow(ResultSet rs, int rowNum) throws SQLException {
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
  }

  @Override
  public void removeAccessToken(OAuth2AccessToken token) {
    if (approvalStore != null) {
      OAuth2Authentication auth = readAuthentication(token);
      String clientId = auth.getOAuth2Request().getClientId();
      Authentication user = auth.getUserAuthentication();
      if (user != null) {
        Collection<Approval> approvals = new ArrayList<Approval>();
        for (String scope : auth.getOAuth2Request().getScope()) {
          approvals.add(new Approval(user.getName(), clientId, scope, new Date(), ApprovalStatus.APPROVED));
        }
        approvalStore.revokeApprovals(approvals);
      }
    }
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
  public OAuth2RefreshToken readRefreshToken(String tokenValue) {
    OAuth2AccessToken encodedRefreshToken = readAccessToken(tokenValue);
    ExpiringOAuth2RefreshToken refreshToken = new DefaultExpiringOAuth2RefreshToken(encodedRefreshToken.getValue(),
        encodedRefreshToken.getExpiration());
    if (approvalStore != null) {
      OAuth2Authentication authentication = readAuthentication(tokenValue);
      if (authentication.getUserAuthentication() != null) {
        String userId = authentication.getUserAuthentication().getName();
        String clientId = authentication.getOAuth2Request().getClientId();
        Collection<Approval> approvals = approvalStore.getApprovals(userId, clientId);
        Collection<String> approvedScopes = new HashSet<String>();
        for (Approval approval : approvals) {
          if (approval.isApproved()) {
            approvedScopes.add(approval.getScope());
          }
        }
        if (!approvedScopes.containsAll(authentication.getOAuth2Request().getScope())) {
          return null;
        }
      }
    }
    return refreshToken;
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
    this.jwtTokenEnhancer = tokenEnhancer;
  }

  private void remove(String token) {
    if (approvalStore != null) {
      OAuth2Authentication auth = readAuthentication(token);
      String clientId = auth.getOAuth2Request().getClientId();
      Authentication user = auth.getUserAuthentication();
      if (user != null) {
        Collection<Approval> approvals = new ArrayList<Approval>();
        for (String scope : auth.getOAuth2Request().getScope()) {
          approvals.add(new Approval(user.getName(), clientId, scope, new Date(), ApprovalStatus.APPROVED));
        }
        approvalStore.revokeApprovals(approvals);
      }
    }
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

24
25
26
27
28
29
30
31
32
33
34
    return code;
  }

  public OAuth2Authentication consumeAuthorizationCode(String code)
      throws InvalidGrantException {
    OAuth2Authentication auth = this.remove(code);
    if (auth == null) {
      throw new InvalidGrantException("Invalid authorization code: " + code);
    }
    return auth;
  }
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
    if (authorizationCode == null) {
      throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
      throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
    // https://jira.springsource.org/browse/SECOAUTH-333
    // This might be null, if the authorization was done without the redirect_uri parameter
    String redirectUriApprovalParameter = pendingOAuth2Request.getRequestParameters().get(
        OAuth2Utils.REDIRECT_URI);

    if ((redirectUri != null || redirectUriApprovalParameter != null)
        && !pendingOAuth2Request.getRedirectUri().equals(redirectUri)) {
      throw new RedirectMismatchException("Redirect URI mismatch.");
    }

    String pendingClientId = pendingOAuth2Request.getClientId();
    String clientId = tokenRequest.getClientId();
    if (clientId != null && !clientId.equals(pendingClientId)) {
      // just a sanity check.
      throw new InvalidClientException("Client ID mismatch");
    }

    // Secret is not required in the authorization request, so it won't be available
    // in the pendingAuthorizationRequest. We do want to check that a secret is provided
    // in the token request, but that happens elsewhere.

    Map<String, String> combinedParameters = new HashMap<String, String>(pendingOAuth2Request
        .getRequestParameters());
    // Combine the parameters adding the new ones last so they override if there are any clashes
    combinedParameters.putAll(parameters);
   
    // Make a new stored request with the combined parameters
    OAuth2Request finalStoredOAuth2Request = pendingOAuth2Request.createOAuth2Request(combinedParameters);
   
    Authentication userAuth = storedAuth.getUserAuthentication();
   
    return new OAuth2Authentication(finalStoredOAuth2Request, userAuth);

  }
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

19
20
21
22
23
24
25
26
    this.authorizationCodeStore.put(code, authentication);
  }

  @Override
  public OAuth2Authentication remove(String code) {
    OAuth2Authentication auth = this.authorizationCodeStore.remove(code);
    return auth;
  }
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

88
89
90
91
92
93
94
95
96
97
98
99
100
101
  public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
      throws AuthenticationException, IOException, ServletException {

    OAuth2AccessToken accessToken = restTemplate.getAccessToken();
    try {
      OAuth2Authentication result = tokenServices.loadAuthentication(accessToken.getValue());
      if (authenticationDetailsSource!=null) {
        request.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, accessToken.getValue());
        result.setDetails(authenticationDetailsSource.buildDetails(request));
      }
      return result;
    }
    catch (InvalidTokenException e) {
      throw new BadCredentialsException("Could not obtain user details from token", e);
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
    if (!(authentication instanceof OAuth2Authentication)) {
      return result;
    }

    OAuth2Authentication oauth2Authentication = (OAuth2Authentication) authentication;
    OAuth2Request clientAuthentication = oauth2Authentication.getOAuth2Request();
    ClientDetails client = clientDetailsService.loadClientByClientId(clientAuthentication.getClientId());
    Set<String> scopes = clientAuthentication.getScope();
    if (oauth2Authentication.isClientOnly() && clientAuthoritiesAreScopes) {
      scopes = AuthorityUtils.authorityListToSet(clientAuthentication.getAuthorities());
    }

    for (ConfigAttribute attribute : attributes) {
      if (this.supports(attribute)) {
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication

43
44
45
46
47
48
49
50
51
52
53
        new Object[] { code, new SqlLobValue(SerializationUtils.serialize(authentication)) }, new int[] {
            Types.VARCHAR, Types.BLOB });
  }

  public OAuth2Authentication remove(String code) {
    OAuth2Authentication authentication;

    try {
      authentication = jdbcTemplate.queryForObject(selectAuthenticationSql,
          new RowMapper<OAuth2Authentication>() {
            public OAuth2Authentication mapRow(ResultSet rs, int rowNum)
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.