Package org.springframework.security.oauth2.common

Examples of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken

61
62
63
64
65
66
67
68
69
70
71
  @Test
  public void testScopePreserved() {
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", Collections.singleton("read")),
        userAuthentication);
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setScope(authentication.getOAuth2Request().getScope());
    OAuth2AccessToken token = tokenEnhancer.enhance(original, authentication);
    assertNotNull(token.getValue());
    assertEquals(Collections.singleton("read"), token.getScope());
  }
View Full Code Here
72
73
74
75
76
77
78
79
80
81
82
83
84
  @Test
  public void testRefreshTokenAdded() {
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", Collections.singleton("read")),
        userAuthentication);
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setScope(authentication.getOAuth2Request().getScope());
    original.setRefreshToken(new DefaultOAuth2RefreshToken("BAR"));
    OAuth2AccessToken token = tokenEnhancer.enhance(original, authentication);
    assertNotNull(token.getValue());
    assertNotNull(token.getRefreshToken());
    String claims = JwtHelper.decode(token.getRefreshToken().getValue()).getClaims();
    assertTrue("Wrong claims: " + claims, claims.contains("\"" + AccessTokenConverter.SCOPE + "\""));
View Full Code Here
98
99
100
101
102
103
104
105
        + "gOdvA1hvq3tlWU5REDrYt24xpviA0fvrJpwMPbECMAKDKdiDi6Q4/iBkkzNMefA8\n"
        + "7HX27b9LR33don/1u/yvzMUo+lrRdKAFJ+9GPE9XFA== \n" + "-----END RSA PRIVATE KEY----- ";
    tokenEnhancer.setSigningKey(rsaKey);
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", null),
        userAuthentication);
    OAuth2AccessToken token = tokenEnhancer.enhance(new DefaultOAuth2AccessToken("FOO"), authentication);
    JwtHelper.decodeAndVerify(token.getValue(), new RsaVerifier(rsaKey));
  }
View Full Code Here
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
  }

  @Test
  public void testStoreAccessToken() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().readAccessToken("testToken");
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    assertEquals(expectedAuthentication, getTokenStore().readAuthentication(expectedOAuth2AccessToken));
    getTokenStore().removeAccessToken(expectedOAuth2AccessToken);
    assertNull(getTokenStore().readAccessToken("testToken"));
    assertNull(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
  }
View Full Code Here
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
  }

  @Test
  public void testStoreAccessTokenTwice() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request( "id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().readAccessToken("testToken");
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    assertEquals(expectedAuthentication, getTokenStore().readAuthentication(expectedOAuth2AccessToken));
    getTokenStore().removeAccessToken(expectedOAuth2AccessToken);
    assertNull(getTokenStore().readAccessToken("testToken"));
    assertNull(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
  }
View Full Code Here
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
  @Test
  public void testRetrieveAccessToken() {
    //Test approved request
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", true);
    OAuth2Authentication authentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test2", true));
    DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    expectedOAuth2AccessToken.setExpiration(new Date(Long.MAX_VALUE-1));
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, authentication);

    //Test unapproved request
    storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    authentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test2", true));
    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().getAccessToken(authentication);
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    assertEquals(authentication.getUserAuthentication(), getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getUserAuthentication());
    // The authorizationRequest does not match because it is unapproved, but the token was granted to an approved request
    assertFalse(storedOAuth2Request.equals(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getOAuth2Request()));
    actualOAuth2AccessToken = getTokenStore().getAccessToken(authentication);
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    getTokenStore().removeAccessToken(expectedOAuth2AccessToken);
    assertNull(getTokenStore().readAccessToken("testToken"));
    assertNull(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
    assertNull(getTokenStore().getAccessToken(authentication));
  }
View Full Code Here
100
101
102
103
104
105
106
107
108
109
110
  }

  @Test
  public void testFindAccessTokensByClientIdAndUserName() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByClientIdAndUserName("id", "test2");
    assertEquals(1, actualOAuth2AccessTokens.size());
  }
View Full Code Here
110
111
112
113
114
115
116
117
118
119
120
  }

  @Test
  public void testFindAccessTokensByClientId() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByClientId("id");
    assertEquals(1, actualOAuth2AccessTokens.size());
  }
View Full Code Here
125
126
127
128
129
130
131
132
133
134
135
136
  }

  @Test
  public void testRefreshTokenIsNotStoredDuringAccessToken() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    expectedOAuth2AccessToken.setRefreshToken(new DefaultOAuth2RefreshToken("refreshToken"));
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);

    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().readAccessToken("testToken");
    assertNotNull(actualOAuth2AccessToken.getRefreshToken());
   
View Full Code Here
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
  @Test
  public void testGetAccessTokenForDeletedUser() throws Exception {
    //Test approved request
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", true);
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test", true));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    assertEquals(expectedOAuth2AccessToken, getTokenStore().getAccessToken(expectedAuthentication));
    assertEquals(expectedAuthentication, getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
   
    //Test unapproved request
    storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    OAuth2Authentication anotherAuthentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test", true));
    assertEquals(expectedOAuth2AccessToken, getTokenStore().getAccessToken(anotherAuthentication));
    // The generated key for the authentication is the same as before, but the two auths are not equal. This could
    // happen if there are 2 users in a system with the same username, or (more likely), if a user account was
    // deleted and re-created.
    assertEquals(anotherAuthentication.getUserAuthentication(), getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getUserAuthentication());
    // The authorizationRequest does not match because it is unapproved, but the token was granted to an approved request
    assertFalse(storedOAuth2Request.equals(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getOAuth2Request()));
  }
View Full Code Here
TOP

Related Classes of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken

  • client.ClientServerInteractionTests
  • com.springsource.greenhouse.settings.SettingsControllerTest
  • demo.Application
  • demo.Application$OAuth2Config
  • demo.Application$TokenEndpointSecurity
  • OAuth2AuthenticationReadConverter
  • org.codehaus.jackson.map.ObjectMapper
  • org.mitre.oauth2.introspectingfilter.IntrospectingTokenService
  • org.mitre.oauth2.repository.impl.JpaAuthorizationCodeRepository
  • org.mitre.oauth2.service.impl.DefaultIntrospectionResultAssembler
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.