Package org.springframework.security.oauth.provider

Examples of org.springframework.security.oauth.provider.ConsumerAuthentication


    filter.doFilter(request, response, filterChain);

    verify(filterChain).doFilter(null, null);
    verify(request).setAttribute(OAuthProviderProcessingFilter.OAUTH_PROCESSING_HANDLED, Boolean.TRUE);
    ConsumerAuthentication authentication = (ConsumerAuthentication) SecurityContextHolder.getContext()
        .getAuthentication();
    assertSame(consumerDetails, authentication.getConsumerDetails());
    assertEquals("tokenvalue", authentication.getConsumerCredentials().getToken());
    assertEquals("methodvalue", authentication.getConsumerCredentials().getSignatureMethod());
    assertEquals("signaturevalue", authentication.getConsumerCredentials().getSignature());
    assertEquals("sigbasestring", authentication.getConsumerCredentials().getSignatureBaseString());
    assertEquals("consumerKey", authentication.getConsumerCredentials().getConsumerKey());
    assertTrue(authentication.isSignatureValidated());
    SecurityContextHolder.getContext().setAuthentication(null);
    assertTrue(triggers[0]);
    assertTrue(triggers[1]);
    Arrays.fill(triggers, false);
  }
View Full Code Here


    when(tokenServices.getToken("token")).thenReturn(token);
    filter.setSignatureMethodFactory(signatureFactory);
    when(token.getSecret()).thenReturn("shhh!!!");
    when(signatureFactory.getSignatureMethod("method", secret, "shhh!!!")).thenReturn(sigMethod);

    ConsumerAuthentication authentication = new ConsumerAuthentication(details, credentials);
    filter.validateSignature(authentication);

    verify(sigMethod).verify("base", "sig");
  }
View Full Code Here

    AccessTokenProcessingFilter filter = new AccessTokenProcessingFilter();
    filter.setTokenServices(tokenServices);

    when(tokenServices.createAccessToken("tok")).thenReturn(token);
    ConsumerAuthentication authentication = new ConsumerAuthentication(consumerDetails, creds);
    assertSame(token, filter.createOAuthToken(authentication));
  }
View Full Code Here

    StringWriter writer = new StringWriter();
    when(response.getWriter()).thenReturn(new PrintWriter(writer));
    response.flushBuffer();
    TreeMap<String, String> params = new TreeMap<String, String>();
    params.put(OAuthConsumerParameter.oauth_callback.toString(), "mycallback");
    ConsumerAuthentication authentication = new ConsumerAuthentication(consumerDetails, creds, params);
    authentication.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(authentication);

    filter.onValidSignature(request, response, filterChain);

    assertEquals("oauth_token=tokvalue&oauth_token_secret=shhhhhh&oauth_callback_confirmed=true", writer.toString());
View Full Code Here

    when(consumerDetails.getConsumerKey()).thenReturn("chi");
    when(consumerDetails.getAuthorities()).thenReturn(new ArrayList<GrantedAuthority>());
    when(tokenServices.createUnauthorizedRequestToken("chi", "callback")).thenReturn(token);
    TreeMap<String, String> map = new TreeMap<String, String>();
    map.put(OAuthConsumerParameter.oauth_callback.toString(), "callback");
    ConsumerAuthentication authentication = new ConsumerAuthentication(consumerDetails, creds, map);

    assertSame(token, filter.createOAuthToken(authentication));
  }
View Full Code Here

    ProtectedResourceProcessingFilter filter = new ProtectedResourceProcessingFilter();
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    FilterChain chain = mock(FilterChain.class);
    ConsumerCredentials creds = new ConsumerCredentials("key", "sig", "meth", "base", "tok");
    ConsumerAuthentication authentication = new ConsumerAuthentication(mock(ConsumerDetails.class), creds);
    authentication.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    OAuthProviderTokenServices tokenServices = mock(OAuthProviderTokenServices.class);
    OAuthAccessProviderToken token = mock(OAuthAccessProviderToken.class);
    filter.setTokenServices(tokenServices);
View Full Code Here

  protected boolean allowMethod(String method) {
    return allowAllMethods || super.allowMethod(method);
  }

  protected void onValidSignature(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
    ConsumerAuthentication authentication = (ConsumerAuthentication) SecurityContextHolder.getContext().getAuthentication();
    String token = authentication.getConsumerCredentials().getToken();
    OAuthAccessProviderToken accessToken = null;
    if (StringUtils.hasText(token)) {
      OAuthProviderToken authToken = getTokenServices().getToken(token);
      if (authToken == null) {
        throw new AccessDeniedException("Invalid access token.");
      }
      else if (!authToken.isAccessToken()) {
        throw new AccessDeniedException("Token should be an access token.");
      }
      else if (authToken instanceof OAuthAccessProviderToken) {
        accessToken = (OAuthAccessProviderToken) authToken;
      }
    }
    else if ((!(authentication.getConsumerDetails() instanceof ExtraTrustConsumerDetails)) ||
      ((ExtraTrustConsumerDetails)authentication.getConsumerDetails()).isRequiredToObtainAuthenticatedToken()) {
      throw new InvalidOAuthParametersException(messages.getMessage("ProtectedResourceProcessingFilter.missingToken", "Missing auth token."));
    }

    Authentication userAuthentication = authHandler.createAuthentication(request, authentication, accessToken);
    SecurityContextHolder.getContext().setAuthentication(userAuthentication);
View Full Code Here

    }
  }

  protected void onValidSignature(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException {
    //signature is verified; create the token, send the response.
    ConsumerAuthentication authentication = (ConsumerAuthentication) SecurityContextHolder.getContext().getAuthentication();
    OAuthProviderToken authToken = createOAuthToken(authentication);
    if (!authToken.getConsumerKey().equals(authentication.getConsumerDetails().getConsumerKey())) {
      throw new IllegalStateException("The consumer key associated with the created auth token is not valid for the authenticated consumer.");
    }

    String tokenValue = authToken.getValue();
View Full Code Here

            String signature = oauthParams.get(OAuthConsumerParameter.oauth_signature.toString());
            String signatureBaseString = getProviderSupport().getSignatureBaseString(request);
            ConsumerCredentials credentials = new ConsumerCredentials(consumerKey, signature, signatureMethod, signatureBaseString, token);

            //create an authentication request.
            ConsumerAuthentication authentication = new ConsumerAuthentication(consumerDetails, credentials, oauthParams);
            authentication.setDetails(createDetails(request, consumerDetails));

            Authentication previousAuthentication = SecurityContextHolder.getContext().getAuthentication();
            try {
              //set the authentication request (unauthenticated) into the context.
              SecurityContextHolder.getContext().setAuthentication(authentication);

              //validate the signature.
              validateSignature(authentication);

              //mark the authentication request as validated.
              authentication.setSignatureValidated(true);

              //mark that processing has been handled.
              request.setAttribute(OAUTH_PROCESSING_HANDLED, Boolean.TRUE);

              if (log.isDebugEnabled()) {
View Full Code Here

    }
  }

  protected void onValidSignature(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException {
    //signature is verified; create the token, send the response.
    ConsumerAuthentication authentication = (ConsumerAuthentication) SecurityContextHolder.getContext().getAuthentication();
    OAuthProviderToken authToken = createOAuthToken(authentication);
    if (!authToken.getConsumerKey().equals(authentication.getConsumerDetails().getConsumerKey())) {
      throw new IllegalStateException("The consumer key associated with the created auth token is not valid for the authenticated consumer.");
    }

    String tokenValue = authToken.getValue();
    String callback = authentication.getOAuthParameters().get(OAuthConsumerParameter.oauth_callback.toString());

    StringBuilder responseValue = new StringBuilder(OAuthProviderParameter.oauth_token.toString())
      .append('=')
      .append(OAuthCodec.oauthEncode(tokenValue))
      .append('&')
View Full Code Here

TOP

Related Classes of org.springframework.security.oauth.provider.ConsumerAuthentication

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.