Examples of org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest

• org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest
  Local context for an access token request encapsulating the parameters that are sent by the client requesting the token, as opposed to the more static variables representing the client itself and the resource being targeted. @author Dave Syer

  @Test
  public void testAttemptedTokenAcquisitionWithNoRedirect() throws Exception {
    AuthorizationCodeAccessTokenProvider provider = new AuthorizationCodeAccessTokenProvider();
    try {
      OAuth2AccessToken token = provider.obtainAccessToken(resource,
          new DefaultAccessTokenRequest());
      fail("Expected UserRedirectRequiredException");
      assertNotNull(token);
    } catch (UserRedirectRequiredException e) {
      String message = e.getMessage();
      assertTrue("Wrong message: " + message,

    resource.setClientId("my-client-with-registered-redirect");
    resource.setId("sparklr");
    resource.setScope(Arrays.asList("trust"));

    ClientCredentialsAccessTokenProvider provider = new ClientCredentialsAccessTokenProvider();
    OAuth2AccessToken accessToken = provider.obtainAccessToken(resource, new DefaultAccessTokenRequest());

    OAuth2RestTemplate template = new OAuth2RestTemplate(resource, new DefaultOAuth2ClientContext(accessToken));
    String result = template.getForObject(serverRunning.getUrl("/sparklr2/photos/trusted/message"), String.class);
    assertEquals("Hello, Trusted Client", result);

    assertNotNull(existingToken.getRefreshToken());
    // It won't be expired on the server, but we can force the client to refresh it
    assertTrue(existingToken.isExpired());

    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.setExistingToken(existingToken);

    OAuth2RestTemplate template = new OAuth2RestTemplate(resource, new DefaultOAuth2ClientContext(request));
    String result = template.getForObject(serverRunning.getUrl("/sparklr2/photos/user/message"), String.class);
    assertEquals("Hello, Trusted User marissa", result);

  private ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();

  @Test
  public void testGetAccessToken() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    resource.setAccessTokenUri("http://localhost/oauth/token");
    resource.setUsername("foo");
    resource.setPassword("bar");
    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
  }

    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
  }

  @Test
  public void testGetAccessTokenWithDynamicCredentials() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.set("username", "foo");
    request.set("password", "bar");
    resource.setAccessTokenUri("http://localhost/oauth/token");
    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
  }

    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
  }

  @Test
  public void testCurrentUriNotUsed() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.set("username", "foo");
    request.setCurrentUri("urn:foo:bar");
    resource.setAccessTokenUri("http://localhost/oauth/token");
    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
  }

  private AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();

  @Test
  public void testGetAccessToken() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.setAuthorizationCode("foo");
    resource.setAccessTokenUri("http://localhost/oauth/token");
    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
  }

    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
  }

  @Test
  public void testRedirectToAuthorizationEndpoint() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.setCurrentUri("/come/back/soon");
    resource.setUserAuthorizationUri("http://localhost/oauth/authorize");
    try {
      provider.obtainAccessToken(resource, request);
      fail("Expected UserRedirectRequiredException");
    }

  }

  // A missing redirect just means the server has to deal with it
  @Test(expected = UserRedirectRequiredException.class)
  public void testRedirectNotSpecified() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    resource.setUserAuthorizationUri("http://localhost/oauth/authorize");
    provider.obtainAccessToken(resource, request);
  }

    provider.obtainAccessToken(resource, request);
  }

  @Test
  public void testGetAccessTokenRequest() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.setAuthorizationCode("foo");
    request.setStateKey("bar");
    request.setPreservedState(new Object());
    resource.setAccessTokenUri("http://localhost/oauth/token");
    resource.setPreEstablishedRedirectUri("http://anywhere.com");
    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
    // System.err.println(params);
    assertEquals("authorization_code", params.getFirst("grant_type"));