Package org.mitre.oauth2.model

Examples of org.mitre.oauth2.model.AuthenticationHolderEntity


  }

  @RequestMapping(value = "/refresh/{id}", method = RequestMethod.DELETE, produces = "application/json")
  public String deleteRefreshTokenById(@PathVariable("id") Long id, ModelMap m, Principal p) {

    OAuth2RefreshTokenEntity token = tokenService.getRefreshTokenById(id);

    if (token == null) {
      logger.error("refresh token not found: " + id);
      m.put("code", HttpStatus.NOT_FOUND);
      m.put("errorMessage", "The requested token with id " + id + " could not be found.");
      return JsonErrorView.VIEWNAME;
    } else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
      logger.error("refresh token " + id + " does not belong to principal " + p.getName());
      m.put("code", HttpStatus.FORBIDDEN);
      m.put("errorMessage", "You do not have permission to view this token");
      return JsonErrorView.VIEWNAME;
    } else {


    } catch (InvalidTokenException e) {

      // access token wasn't found, check the refresh token

      try {
        OAuth2RefreshTokenEntity refreshToken = tokenServices.getRefreshToken(tokenValue);
        if (authRequest != null) {
          // client acting on its own, make sure it owns the token
          if (!refreshToken.getClient().getClientId().equals(authRequest.getClientId())) {
            // trying to revoke a token we don't own, throw a 403
            model.addAttribute("code", HttpStatus.FORBIDDEN);
            return HttpCodeView.VIEWNAME;
          }
        }

    @Test
    public void shouldAssembleExpectedResultForRefreshToken() {

        // given
        OAuth2RefreshTokenEntity refreshToken = refreshToken(new Date(123),
                authentication("name", request("clientId", scopes("foo""bar"))));

        UserInfo userInfo = userInfo("sub");

        // when

    @Test
    public void shouldAssembleExpectedResultForRefreshTokenWithoutUserInfo() {

        // given
        OAuth2RefreshTokenEntity refreshToken = refreshToken(new Date(123),
                authentication("name", request("clientId", scopes("foo""bar"))));

        // when
        Map<String, Object> result = assembler.assembleFrom(refreshToken, null);

    @Test
    public void shouldAssembleExpectedResultForRefreshTokenWithoutExpiry() {

        // given
        OAuth2RefreshTokenEntity refreshToken = refreshToken(null,
                authentication("name", request("clientId", scopes("foo""bar"))));

        UserInfo userInfo = userInfo("sub");

        // when

        given(accessToken.getAuthenticationHolder().getAuthentication()).willReturn(authentication);
        return accessToken;
    }

    /**
     * Builds a Mockito mock of a refresh token for use as a test fixture.
     *
     * @param exp value the mock returns from {@code getExpiration()}
     * @param authentication value the mock returns from
     *        {@code getAuthenticationHolder().getAuthentication()}
     * @return the stubbed refresh token mock
     */
    private OAuth2RefreshTokenEntity refreshToken(Date exp, OAuth2Authentication authentication) {
        // Deep stubs allow the chained holder -> authentication getter to be stubbed
        // below without creating a separate mock for the authentication holder.
        final OAuth2RefreshTokenEntity stubbedToken =
                mock(OAuth2RefreshTokenEntity.class, RETURNS_DEEP_STUBS);

        given(stubbedToken.getExpiration())
                .willReturn(exp);
        given(stubbedToken.getAuthenticationHolder().getAuthentication())
                .willReturn(authentication);

        return stubbedToken;
    }

  /**
   * When the static service returns a client for the server configuration, the hybrid
   * service must hand back that client and must never call the dynamic service.
   */
  @Test
  public void getClientConfiguration_useStatic() {

    // given: the static service knows a client for this server configuration
    Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig))
        .thenReturn(mockClient);

    // when
    final RegisteredClient resolved = hybridService.getClientConfiguration(mockServerConfig);

    // then: the dynamic service was not consulted for any server configuration,
    // and the static service's answer is returned as-is
    Mockito.verify(mockDynamicService, Mockito.never())
        .getClientConfiguration(Matchers.any(ServerConfiguration.class));
    Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig);
    assertEquals(mockClient, resolved);
  }

  public void getClientConfiguration_useDynamic() {
    // Checks the fallback path: the static service returns null for the server
    // configuration, so the hybrid service is expected to ask the dynamic service
    // and return its client.

    // given: static lookup yields nothing, dynamic lookup yields the client
    Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig))
        .thenReturn(mockClient);
    Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig))
        .thenReturn(null);

    // when
    final RegisteredClient resolved = hybridService.getClientConfiguration(mockServerConfig);

    // then: both services were called with the same configuration
    Mockito.verify(mockDynamicService).getClientConfiguration(mockServerConfig);
    Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig);
    assertEquals(mockClient, resolved);
  }

    // But oh noes! We're going to ask it to find us some other issuer
    ServerConfiguration badIssuer = Mockito.mock(ServerConfiguration.class);
    Mockito.when(badIssuer.getIssuer()).thenReturn("www.badexample.com");

    RegisteredClient result = hybridService.getClientConfiguration(badIssuer);

    Mockito.verify(mockStaticService).getClientConfiguration(badIssuer);
    Mockito.verify(mockDynamicService).getClientConfiguration(badIssuer);
    assertThat(result, is(nullValue()));
  }

        OAuth2AccessTokenEntity token = connectTokenService.createResourceAccessToken(savedClient);
        tokenService.saveAccessToken(token);

        // send it all out to the view

        RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "resource/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8"));
        m.addAttribute("client", registered);
        m.addAttribute("code", HttpStatus.CREATED); // http 201

        return ClientInformationResponseView.VIEWNAME;
      } catch (UnsupportedEncodingException e) {
