Examples of org.springframework.security.oauth2.client.http.AccessTokenRequiredException

• org.springframework.security.oauth2.client.token.AccessTokenRequest
  @author Ryan Heaton

  protected OAuth2AccessToken acquireAccessToken(OAuth2ClientContext oauth2Context)
      throws UserRedirectRequiredException {

    AccessTokenRequest accessTokenRequest = oauth2Context.getAccessTokenRequest();
    if (accessTokenRequest == null) {
      throw new AccessTokenRequiredException(
          "No OAuth 2 security context has been established. Unable to access resource '"
              + this.resource.getId() + "'.", resource);
    }

    // Transfer the preserved state from the (longer lived) context to the current request.

  @Test(expected = AccessTokenRequiredException.class)
  public void testNoRetryAccessDeniedExceptionForNoExistingToken() throws Exception {
    restTemplate.setAccessTokenProvider(new StubAccessTokenProvider());
    restTemplate.setRequestFactory(new ClientHttpRequestFactory() {
      public ClientHttpRequest createRequest(URI uri, HttpMethod httpMethod) throws IOException {
        throw new AccessTokenRequiredException(resource);
      }
    });
    restTemplate.doExecute(new URI("http://foo"), HttpMethod.GET, new NullRequestCallback(),
        new SimpleResponseExtractor());
  }

    restTemplate.setAccessTokenProvider(new StubAccessTokenProvider());
    restTemplate.setRequestFactory(new ClientHttpRequestFactory() {
      public ClientHttpRequest createRequest(URI uri, HttpMethod httpMethod) throws IOException {
        if (!failed.get()) {
          failed.set(true);
          throw new AccessTokenRequiredException(resource);
        }
        return request;
      }
    });
    Boolean result = restTemplate.doExecute(new URI("http://foo"), HttpMethod.GET, new NullRequestCallback(),

  }

  @Test
  public void testUnsuccessfulAuthentication() throws IOException, ServletException {
    try {
      filter.unsuccessfulAuthentication(null, null, new AccessTokenRequiredException("testing", null));
      fail("AccessTokenRedirectException must be thrown");
    }
    catch (AccessTokenRequiredException ex) {

    }

      throw new InvalidTokenException("Invalid token: " + token);
    }

    Collection<String> resourceIds = auth.getOAuth2Request().getResourceIds();
    if (resourceId != null && resourceIds != null && !resourceIds.isEmpty() && !resourceIds.contains(resourceId)) {
      throw new OAuth2AccessDeniedException("Invalid token does not contain resource id (" + resourceId + ")");
    }

    checkClientDetails(auth);

    if (authentication.getDetails() instanceof OAuth2AuthenticationDetails) {

      ClientDetails client;
      try {
        client = clientDetailsService.loadClientByClientId(auth.getOAuth2Request().getClientId());
      }
      catch (ClientRegistrationException e) {
        throw new OAuth2AccessDeniedException("Invalid token contains invalid client id");
      }
      Set<String> allowed = client.getScope();
      for (String scope : auth.getOAuth2Request().getScope()) {
        if (!allowed.contains(scope)) {
          throw new OAuth2AccessDeniedException("Invalid token contains disallowed scope (" + scope
              + ") for this client");
        }
      }
    }
  }

    }
    return null;
  }

  private OAuth2AccessToken createToken(String username, String password, String clientId, String clientSecret) {
    OAuth2ProtectedResourceDetails resource = getResourceDetails(username, password, clientId, clientSecret);
    AccessTokenRequest request = createAccessTokenRequest(username, password);

    ResourceOwnerPasswordAccessTokenProvider provider = createResourceOwnerPasswordAccessTokenProvider();
    try {
      return provider.obtainAccessToken(resource, request);

      throw cfEx;
    }
  }

  private OAuth2AccessToken refreshToken(OAuth2AccessToken currentToken, String username, String password, String clientId, String clientSecret) {
    OAuth2ProtectedResourceDetails resource = getResourceDetails(username, password, clientId, clientSecret);
    AccessTokenRequest request = createAccessTokenRequest(username, password);

    ResourceOwnerPasswordAccessTokenProvider provider = createResourceOwnerPasswordAccessTokenProvider();

    return provider.refreshAccessToken(resource, currentToken.getRefreshToken(), request);

    return null;
  }

  private OAuth2AccessToken createToken(String username, String password, String clientId, String clientSecret) {
    OAuth2ProtectedResourceDetails resource = getResourceDetails(username, password, clientId, clientSecret);
    AccessTokenRequest request = createAccessTokenRequest(username, password);

    ResourceOwnerPasswordAccessTokenProvider provider = createResourceOwnerPasswordAccessTokenProvider();
    try {
      return provider.obtainAccessToken(resource, request);
    }

    }
  }

  private OAuth2AccessToken refreshToken(OAuth2AccessToken currentToken, String username, String password, String clientId, String clientSecret) {
    OAuth2ProtectedResourceDetails resource = getResourceDetails(username, password, clientId, clientSecret);
    AccessTokenRequest request = createAccessTokenRequest(username, password);

    ResourceOwnerPasswordAccessTokenProvider provider = createResourceOwnerPasswordAccessTokenProvider();

    return provider.refreshAccessToken(resource, currentToken.getRefreshToken(), request);
  }