Examples of OAuth2Request

Examples of org.springframework.security.oauth2.provider.OAuth2Request

20
21
22
23
24
25
26
27
28
29
30
public class OAuth2AuthenticationReadConverter implements Converter<DBObject, OAuth2Authentication> {

    @Override
    public OAuth2Authentication convert(DBObject source) {
        DBObject storedRequest = (DBObject)source.get("storedRequest");
        OAuth2Request oAuth2Request = new OAuth2Request((Map<String, String>)storedRequest.get("requestParameters"),
                (String)storedRequest.get("clientId"), null, true, new HashSet((List)storedRequest.get("scope")),
                null, null, null, null);

        DBObject userAuthorization = (DBObject)source.get("userAuthentication");
        Object principal = getPrincipalObject(userAuthorization.get("principal"));
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

656
657
658
659
660
661
662
663
664
665
666
                            currentId = reader.nextLong();
                        } else if (name.equals("ownerId")) {
                            //not needed
                            reader.skipValue();
                        } else if (name.equals("authentication")) {
                            OAuth2Request clientAuthorization = null;
                            Authentication userAuthentication = null;
                            reader.beginObject();
                            while (reader.hasNext()) {
                                switch (reader.peek()) {
                                    case END_OBJECT:
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

772
773
774
775
776
777
778
                    reader.skipValue();
                    continue;
            }
        }
        reader.endObject();
        return new OAuth2Request(requestParameters, clientId, authorities, approved, scope, resourceIds, redirectUri, responseTypes, extensions);
    }
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

244
245
246
247
248
249
250
251
252
253
254
    }
   
    // create a new token
   
    Map<String, String> authorizationParameters = Maps.newHashMap();
    OAuth2Request clientAuth = new OAuth2Request(authorizationParameters, client.getClientId(),
        Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT")), true,
        scope, null, null, null, null);
    OAuth2Authentication authentication = new OAuth2Authentication(clientAuth, null);

    OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
  public String revoke(@RequestParam("token") String tokenValue, @RequestParam(value = "token_type_hint", required = false) String tokenType, Principal principal, Model model) {

    // This is the token as passed in from OAuth (in case we need it some day)
    //OAuth2AccessTokenEntity tok = tokenServices.getAccessToken((OAuth2Authentication) principal);

    OAuth2Request authRequest = null;
    if (principal instanceof OAuth2Authentication) {
      // if the client is acting on its own behalf (the common case), pull out the client authorization request
      authRequest = ((OAuth2Authentication) principal).getOAuth2Request();
    }

    try {
      // check and handle access tokens first

      OAuth2AccessTokenEntity accessToken = tokenServices.readAccessToken(tokenValue);
      if (authRequest != null) {
        // client acting on its own, make sure it owns the token
        if (!accessToken.getClient().getClientId().equals(authRequest.getClientId())) {
          // trying to revoke a token we don't own, throw a 403
          model.addAttribute("code", HttpStatus.FORBIDDEN);
          return HttpCodeView.VIEWNAME;
        }
      }

      // if we got this far, we're allowed to do this
      tokenServices.revokeAccessToken(accessToken);
      model.addAttribute("code", HttpStatus.OK);
      return HttpCodeView.VIEWNAME;

    } catch (InvalidTokenException e) {

      // access token wasn't found, check the refresh token

      try {
        OAuth2RefreshTokenEntity refreshToken = tokenServices.getRefreshToken(tokenValue);
        if (authRequest != null) {
          // client acting on its own, make sure it owns the token
          if (!refreshToken.getClient().getClientId().equals(authRequest.getClientId())) {
            // trying to revoke a token we don't own, throw a 403
            model.addAttribute("code", HttpStatus.FORBIDDEN);
            return HttpCodeView.VIEWNAME;
          }
        }
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

314
315
316
317
318
319
320
321
322
323
324
                            currentId = reader.nextLong();
                        } else if (name.equals("ownerId")) {
                            //not needed
                            reader.skipValue();
                        } else if (name.equals("authentication")) {
                            OAuth2Request clientAuthorization = null;
                            Authentication userAuthentication = null;
                            reader.beginObject();
                            while (reader.hasNext()) {
                                switch (reader.peek()) {
                                    case END_OBJECT:
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

108
109
110
111
112
113
114
115
116
117
118
    Mockito.reset(tokenRepository, authenticationHolderRepository, clientDetailsService, tokenEnhancer);



    authentication = Mockito.mock(OAuth2Authentication.class);
    OAuth2Request clientAuth = new OAuth2Request(null, clientId, null, true, scope, null, null, null, null);
    Mockito.when(authentication.getOAuth2Request()).thenReturn(clientAuth);

    client = Mockito.mock(ClientDetailsEntity.class);
    Mockito.when(client.getClientId()).thenReturn(clientId);
    Mockito.when(clientDetailsService.loadClientByClientId(clientId)).thenReturn(client);
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

423
424
425
426
427
428
429
                    reader.skipValue();
                    continue;
            }
        }
        reader.endObject();
        return new OAuth2Request(authorizationParameters, clientId, authorities, approved, scope, resourceIds, redirectUri, responseTypes, null);
    }
View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

227
228
229
230
231
232
233
234
235
236
237
   * Tests the creation of access tokens for clients that are allowed to have refresh tokens.
   */
  @Test
  public void createAccessToken_yesRefresh() {

    OAuth2Request clientAuth = new OAuth2Request(null, clientId, null, true, Sets.newHashSet(SystemScopeService.OFFLINE_ACCESS), null, null, null, null);
    Mockito.when(authentication.getOAuth2Request()).thenReturn(clientAuth);
    Mockito.when(client.isAllowRefresh()).thenReturn(true);

    OAuth2AccessTokenEntity token = service.createAccessToken(authentication);

View Full Code Here

Examples of org.springframework.security.oauth2.provider.OAuth2Request

219
220
221
222
223
224
225
    private OAuth2Request request(String clientId) {
        return request(clientId, null);
    }

    private OAuth2Request request(String clientId, Set<String> scopes) {
        return new OAuth2Request(null, clientId, null, true, scopes, null, null, null, null);
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.