Package org.springframework.security.oauth2.common

Examples of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken


  @Test
  public void testTokenCountConsistency() throws Exception {
    // Stores one already-expired token per iteration and, from the third iteration on,
    // asserts that the store still counts every token stored so far — i.e. storing a
    // token does not by itself evict the expired ones already held.
    for (int i = 0; i <= 10; i++) {
      OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id" + i, false), new TestAuthentication("test", false));
      DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken" + i);
      // Expiration is set one second in the past, so every stored token is expired on arrival.
      expectedOAuth2AccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
      if (i > 1) {
        // Checked before this iteration's store, so the count must equal the i prior stores.
        assertEquals(i, getTokenStore().getAccessTokenCount());
      }
      getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    }


  }

  @Test
  public void testTokenCountConsistentWithExpiryQueue() throws Exception {
    // Storing the same not-yet-expired token repeatedly must keep the access-token count
    // and the expiry-queue count in step after every store.
    OAuth2Authentication authentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test", false));
    DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken("testToken");
    // Expires ten seconds from now, so no flush/expiry can interfere with the counts.
    accessToken.setExpiration(new Date(System.currentTimeMillis()+10000));
    int attempt = 0;
    while (attempt <= 10) {
      getTokenStore().storeAccessToken(accessToken, authentication);
      assertEquals(getTokenStore().getAccessTokenCount(), getTokenStore().getExpiryTokenCount());
      attempt++;
    }
  }

  @Test
  public void testAutoFlush() throws Exception {
    // With a flush interval of 3, the store is expected to discard its (expired) tokens on
    // every third store, so from the fourth iteration on the count cycles 1, 2, 3, 1, ...
    getTokenStore().setFlushInterval(3);
    for (int i = 0; i <= 10; i++) {
      OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id" + i, false), new TestAuthentication("test", false));
      DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken" + i);
      // Already expired on arrival, so each flush is able to remove everything stored so far.
      expectedOAuth2AccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
      if (i > 2) {
        // Count is observed before this iteration's store: i % 3 + 1 tokens survive the last flush.
        assertEquals((i % 3 + 1), getTokenStore().getAccessTokenCount());
      }
      getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    }

   * @param account the member requesting the termination of the access grant
   * @return A redirect back to settings page.
   */
  @RequestMapping(value="/settings/apps/{accessToken}", method=RequestMethod.DELETE)
  public String disconnectApp(@PathVariable String accessToken, Account account) {
    // NOTE(review): `account` is never consulted here, so nothing in this method ties the
    // token being removed to the member making the request; confirm that ownership of the
    // token is enforced elsewhere before this handler is reached.
    DefaultOAuth2AccessToken tokenToRevoke = new DefaultOAuth2AccessToken(accessToken);
    tokenStore.removeAccessToken(tokenToRevoke);
    return "redirect:/settings";
  }

      jdbcTemplate = new JdbcTemplate(db);
      controller = new SettingsController(tokenStore, jdbcTemplate);
     
      AuthorizationRequest authorizationRequest = new DefaultAuthorizationRequest("a08318eb478a1ee31f69a55276f3af64", Arrays.asList("read", "write"));
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("1", "whateveryouwantittobe");
    tokenStore.storeAccessToken(new DefaultOAuth2AccessToken("authme"), new OAuth2Authentication(authorizationRequest, userAuthentication));
      assertEquals(1, tokenStore.findTokensByUserName("1").size());
    }

  }

  /**
   * Copies each token, records the client that owns it under the {@code client_id} key of
   * the copy's additional information, and returns only the tokens whose client could be
   * resolved; tokens with no resolvable client are left out of the result.
   */
  private Collection<OAuth2AccessToken> enhance(Collection<OAuth2AccessToken> tokens) {
    Collection<OAuth2AccessToken> enhanced = new ArrayList<OAuth2AccessToken>();
    for (OAuth2AccessToken original : tokens) {
      DefaultOAuth2AccessToken copy = new DefaultOAuth2AccessToken(original);
      String ownerClientId = tokenServices.getClientId(copy.getValue());
      if (ownerClientId == null) {
        // Unknown owner: skip rather than echo a token we cannot attribute to a client.
        continue;
      }
      // Work on a fresh map so the prototype's additional information is not mutated.
      Map<String, Object> info = new HashMap<String, Object>(copy.getAdditionalInformation());
      info.put("client_id", ownerClientId);
      copy.setAdditionalInformation(info);
      enhanced.add(copy);
    }
    return enhanced;
  }

  /**
   * Builds a pre-authenticated token from an introspection response: the {@code sub} claim
   * is the principal, the raw response is kept as the credentials, and authorities come
   * from the configured granter.
   */
  private Authentication createAuthentication(JsonObject token) {
    // Assumes the response carries a "sub" claim; a missing claim fails here with an NPE.
    String subject = token.get("sub").getAsString();
    return new PreAuthenticatedAuthenticationToken(subject, token, introspectionAuthorityGranter.getAuthorities(token));
  }

  /**
   * Wraps the introspection claims and the original token string in the local token type.
   */
  private OAuth2AccessToken createAccessToken(final JsonObject token, final String tokenString) {
    return new OAuth2AccessTokenImpl(token, tokenString);
  }

        return false;
      }
      // create an OAuth2Authentication
      OAuth2Authentication auth = new OAuth2Authentication(createStoredRequest(tokenResponse), createAuthentication(tokenResponse));
      // create an OAuth2AccessToken
      OAuth2AccessToken token = createAccessToken(tokenResponse, accessToken);

      if (token.getExpiration().after(new Date())) {
        // Store them in the cache
        authCache.put(accessToken, new TokenCacheObject(token, auth));

        return true;
      }

        }

        ClientDetailsEntity client = clientDetailsService.loadClientByClientId(request.getClientId());

        if (client == null) {
          throw new InvalidClientException("Client not found: " + request.getClientId());
        }


        JWSAlgorithm alg = signedJwt.getHeader().getAlgorithm();

        // The algorithm actually used must equal the one registered for the client; an
        // unregistered algorithm also fails here, so the registration is the sole authority
        // on which signing algorithm is acceptable for this client's request objects.
        if (client.getRequestObjectSigningAlg() == null ||
            !client.getRequestObjectSigningAlg().equals(alg)) {
          throw new InvalidClientException("Client's registered request object signing algorithm (" + client.getRequestObjectSigningAlg() + ") does not match request object's actual algorithm (" + alg.getName() + ")");
        }

        if (alg.equals(JWSAlgorithm.RS256)
            || alg.equals(JWSAlgorithm.RS384)
            || alg.equals(JWSAlgorithm.RS512)) {

          // it's RSA, need to find the JWK URI and fetch the key

          if (client.getJwksUri() == null) {
            throw new InvalidClientException("Client must have a JWKS URI registered to use signed request objects.");
          }

          // check JWT signature
          JwtSigningAndValidationService validator = validators.getValidator(client.getJwksUri());

          if (validator == null) {
            throw new InvalidClientException("Unable to create signature validator for client's JWKS URI: " + client.getJwksUri());
          }

          // A signature that does not verify against the client's published keys is rejected.
          if (!validator.validateSignature(signedJwt)) {
            throw new InvalidClientException("Signature did not validate for presented JWT request object.");
          }
        } else if (alg.equals(JWSAlgorithm.HS256)
            || alg.equals(JWSAlgorithm.HS384)
            || alg.equals(JWSAlgorithm.HS512)) {

          // it's HMAC, we need to make a validator based on the client secret

          JwtSigningAndValidationService validator = symmetricCacheService.getSymmetricValidtor(client);

          // NOTE(review): this message embeds client.getClientSecret(); if InvalidClientException
          // messages reach logs or the error response, the shared secret is exposed. Report the
          // client id only.
          if (validator == null) {
            throw new InvalidClientException("Unable to create signature validator for client's secret: " + client.getClientSecret());
          }

          if (!validator.validateSignature(signedJwt)) {
            throw new InvalidClientException("Signature did not validate for presented JWT request object.");
          }


        }


      } else if (jwt instanceof PlainJWT) {
        PlainJWT plainJwt = (PlainJWT)jwt;

        // need to check clientId first so that we can load the client to check other fields
        if (request.getClientId() == null) {
          request.setClientId(plainJwt.getJWTClaimsSet().getStringClaim("client_id"));
        }

        ClientDetailsEntity client = clientDetailsService.loadClientByClientId(request.getClientId());

        if (client == null) {
          throw new InvalidClientException("Client not found: " + request.getClientId());
        }

        if (client.getRequestObjectSigningAlg() == null) {
          throw new InvalidClientException("Client is not registered for unsigned request objects (no request_object_signing_alg registered)");
        } else if (!client.getRequestObjectSigningAlg().equals(Algorithm.NONE)) {
          throw new InvalidClientException("Client is not registered for unsigned request objects (request_object_signing_alg is " + client.getRequestObjectSigningAlg() +")");
        }

        // if we got here, we're OK, keep processing

      } else if (jwt instanceof EncryptedJWT) {

        EncryptedJWT encryptedJWT = (EncryptedJWT)jwt;

        // decrypt the jwt if we can

        encryptionService.decryptJwt(encryptedJWT);

        // TODO: what if the content is a signed JWT? (#525)

        if (!encryptedJWT.getState().equals(State.DECRYPTED)) {
          throw new InvalidClientException("Unable to decrypt the request object");
        }

        // need to check clientId first so that we can load the client to check other fields
        if (request.getClientId() == null) {
          request.setClientId(encryptedJWT.getJWTClaimsSet().getStringClaim("client_id"));
        }

        ClientDetailsEntity client = clientDetailsService.loadClientByClientId(request.getClientId());

        if (client == null) {
          throw new InvalidClientException("Client not found: " + request.getClientId());
        }


      }

    OAuth2AccessTokenEntity incomingToken = tokenServices.readAccessToken(incomingTokenValue);

    if (incomingToken.getScope().contains(SystemScopeService.ID_TOKEN_SCOPE)) {

      if (!client.getClientId().equals(tokenRequest.getClientId())) {
        throw new InvalidClientException("Not the right client for this token");
      }

      // it's an ID token, process it accordingly

      try {
