Package org.springframework.security.oauth2.common

Examples of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken


  @Test
  public void testScopePreserved() {
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", Collections.singleton("read")),
        userAuthentication);
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setScope(authentication.getOAuth2Request().getScope());
    OAuth2AccessToken token = tokenEnhancer.enhance(original, authentication);
    assertNotNull(token.getValue());
    assertEquals(Collections.singleton("read"), token.getScope());
  }
View Full Code Here


  @Test
  public void testRefreshTokenAdded() {
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", Collections.singleton("read")),
        userAuthentication);
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setScope(authentication.getOAuth2Request().getScope());
    original.setRefreshToken(new DefaultOAuth2RefreshToken("BAR"));
    OAuth2AccessToken token = tokenEnhancer.enhance(original, authentication);
    assertNotNull(token.getValue());
    assertNotNull(token.getRefreshToken());
    String claims = JwtHelper.decode(token.getRefreshToken().getValue()).getClaims();
    assertTrue("Wrong claims: " + claims, claims.contains("\"" + AccessTokenConverter.SCOPE + "\""));
View Full Code Here

        + "gOdvA1hvq3tlWU5REDrYt24xpviA0fvrJpwMPbECMAKDKdiDi6Q4/iBkkzNMefA8\n"
        + "7HX27b9LR33don/1u/yvzMUo+lrRdKAFJ+9GPE9XFA== \n" + "-----END RSA PRIVATE KEY----- ";
    tokenEnhancer.setSigningKey(rsaKey);
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", null),
        userAuthentication);
    OAuth2AccessToken token = tokenEnhancer.enhance(new DefaultOAuth2AccessToken("FOO"), authentication);
    JwtHelper.decodeAndVerify(token.getValue(), new RsaVerifier(rsaKey));
  }
View Full Code Here

  }

  @Test
  public void testStoreAccessToken() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().readAccessToken("testToken");
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    assertEquals(expectedAuthentication, getTokenStore().readAuthentication(expectedOAuth2AccessToken));
    getTokenStore().removeAccessToken(expectedOAuth2AccessToken);
    assertNull(getTokenStore().readAccessToken("testToken"));
    assertNull(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
  }
View Full Code Here

  }

  @Test
  public void testStoreAccessTokenTwice() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request( "id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().readAccessToken("testToken");
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    assertEquals(expectedAuthentication, getTokenStore().readAuthentication(expectedOAuth2AccessToken));
    getTokenStore().removeAccessToken(expectedOAuth2AccessToken);
    assertNull(getTokenStore().readAccessToken("testToken"));
    assertNull(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
  }
View Full Code Here

  @Test
  public void testRetrieveAccessToken() {
    //Test approved request
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", true);
    OAuth2Authentication authentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test2", true));
    DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    expectedOAuth2AccessToken.setExpiration(new Date(Long.MAX_VALUE-1));
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, authentication);

    //Test unapproved request
    storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    authentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test2", true));
    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().getAccessToken(authentication);
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    assertEquals(authentication.getUserAuthentication(), getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getUserAuthentication());
    // The authorizationRequest does not match because it is unapproved, but the token was granted to an approved request
    assertFalse(storedOAuth2Request.equals(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getOAuth2Request()));
    actualOAuth2AccessToken = getTokenStore().getAccessToken(authentication);
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    getTokenStore().removeAccessToken(expectedOAuth2AccessToken);
    assertNull(getTokenStore().readAccessToken("testToken"));
    assertNull(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
    assertNull(getTokenStore().getAccessToken(authentication));
  }
View Full Code Here

  }

  @Test
  public void testFindAccessTokensByClientIdAndUserName() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByClientIdAndUserName("id", "test2");
    assertEquals(1, actualOAuth2AccessTokens.size());
  }
View Full Code Here

  }

  @Test
  public void testFindAccessTokensByClientId() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByClientId("id");
    assertEquals(1, actualOAuth2AccessTokens.size());
  }
View Full Code Here

  }

  @Test
  public void testRefreshTokenIsNotStoredDuringAccessToken() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    expectedOAuth2AccessToken.setRefreshToken(new DefaultOAuth2RefreshToken("refreshToken"));
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().readAccessToken("testToken");
    assertNotNull(actualOAuth2AccessToken.getRefreshToken());
   
View Full Code Here

  @Test
  public void testGetAccessTokenForDeletedUser() throws Exception {
    //Test approved request
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", true);
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test", true));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    assertEquals(expectedOAuth2AccessToken, getTokenStore().getAccessToken(expectedAuthentication));
    assertEquals(expectedAuthentication, getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
   
    //Test unapproved request
    storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    OAuth2Authentication anotherAuthentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test", true));
    assertEquals(expectedOAuth2AccessToken, getTokenStore().getAccessToken(anotherAuthentication));
    // The generated key for the authentication is the same as before, but the two auths are not equal. This could
    // happen if there are 2 users in a system with the same username, or (more likely), if a user account was
    // deleted and re-created.
    assertEquals(anotherAuthentication.getUserAuthentication(), getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getUserAuthentication());
    // The authorizationRequest does not match because it is unapproved, but the token was granted to an approved request
    assertFalse(storedOAuth2Request.equals(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getOAuth2Request()));
  }
View Full Code Here

TOP

Related Classes of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.