Examples of org.springframework.security.oauth2.common.OAuth2AccessToken

• org.springframework.security.oauth2.common.OAuth2AccessToken
  @author Dave Syer

  public void storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authentication authentication) {
  }

  @Override
  public OAuth2RefreshToken readRefreshToken(String tokenValue) {
    OAuth2AccessToken encodedRefreshToken = readAccessToken(tokenValue);
    ExpiringOAuth2RefreshToken refreshToken = new DefaultExpiringOAuth2RefreshToken(encodedRefreshToken.getValue(),
        encodedRefreshToken.getExpiration());
    if (approvalStore != null) {
      OAuth2Authentication authentication = readAuthentication(tokenValue);
      if (authentication.getUserAuthentication() != null) {
        String userId = authentication.getUserAuthentication().getName();
        String clientId = authentication.getOAuth2Request().getClientId();

    if (isRefreshTokenRequest(parameters)) {
      // A refresh token has its own default scopes, so we should ignore any added by the factory here.
      tokenRequest.setScope(OAuth2Utils.parseParameterList(parameters.get(OAuth2Utils.SCOPE)));
    }

    OAuth2AccessToken token = getTokenGranter().grant(tokenRequest.getGrantType(), tokenRequest);
    if (token == null) {
      throw new UnsupportedGrantTypeException("Unsupported grant type: " + tokenRequest.getGrantType());
    }

    return getResponse(token);

  }

  public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails resource, AccessTokenRequest request)
      throws UserRedirectRequiredException, AccessDeniedException {

    OAuth2AccessToken accessToken = null;
    OAuth2AccessToken existingToken = null;
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();

    if (auth instanceof AnonymousAuthenticationToken) {
      if (!resource.isClientOnly()) {
        throw new InsufficientAuthenticationException(
            "Authentication is required to obtain an access token (anonymous not allowed)");
      }
    }

    if (resource.isClientOnly() || (auth != null && auth.isAuthenticated())) {
      existingToken = request.getExistingToken();
      if (existingToken == null && clientTokenServices != null) {
        existingToken = clientTokenServices.getAccessToken(resource, auth);
      }

      if (existingToken != null) {
        if (existingToken.isExpired()) {
          if (clientTokenServices != null) {
            clientTokenServices.removeAccessToken(resource, auth);
          }
          OAuth2RefreshToken refreshToken = existingToken.getRefreshToken();
          if (refreshToken != null) {
            accessToken = refreshAccessToken(resource, refreshToken, request);
          }
        }
        else {

      throws UserRedirectRequiredException, AccessDeniedException, OAuth2AccessDeniedException {

    ImplicitResourceDetails resource = (ImplicitResourceDetails) details;
    try {
      // We can assume here that the request contains all the parameters needed for authentication etc.
      OAuth2AccessToken token = retrieveToken(request,
          resource, getParametersForTokenRequest(resource, request), getHeadersForTokenRequest(request));
      if (token==null) {
        // Probably an authenticated request, but approval is required.  TODO: prompt somehow?
        throw new UserRedirectRequiredException(resource.getUserAuthorizationUri(), request.toSingleValueMap());
      }

      URI location = response.getHeaders().getLocation();
      if (location == null) {
        return null;
      }
      String fragment = location.getFragment();
      OAuth2AccessToken accessToken = DefaultOAuth2AccessToken.valueOf(OAuth2Utils.extractMap(fragment));
      if (accessToken.getValue() == null) {
        throw new UserRedirectRequiredException(location.toString(), Collections.<String, String> emptyMap());
      }

      return accessToken;
    }

  @Override
  public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
      throws AuthenticationException, IOException, ServletException {

    OAuth2AccessToken accessToken = restTemplate.getAccessToken();
    try {
      OAuth2Authentication result = tokenServices.loadAuthentication(accessToken.getValue());
      if (authenticationDetailsSource!=null) {
        request.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, accessToken.getValue());
        result.setDetails(authenticationDetailsSource.buildDetails(request));
      }
      return result;
    }
    catch (InvalidTokenException e) {

   * tests the check_token endpoint
   */
  @Test
  @OAuth2ContextConfiguration(ClientCredentials.class)
  public void testCheckToken() throws Exception {
    OAuth2AccessToken token = context.getAccessToken();
    HttpHeaders headers = new HttpHeaders();
    headers.set("Content-Type", MediaType.APPLICATION_FORM_URLENCODED_VALUE);
    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> response = new TestRestTemplate("my-client-with-secret", "secret").exchange(http
        .getUrl(checkTokenPath()), HttpMethod.POST,
        new HttpEntity<String>("token=" + token.getValue(), headers), Map.class);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    @SuppressWarnings("unchecked")
    Map<String, Object> map = (Map<String, Object>) response.getBody();
    assertTrue(map.containsKey(AccessTokenConverter.EXP));
    assertEquals("my-client-with-secret", map.get(AccessTokenConverter.CLIENT_ID));

   * tests the basic provider with form based client credentials
   */
  @Test
  @OAuth2ContextConfiguration(FormClientCredentials.class)
  public void testPostForTokenWithForm() throws Exception {
    OAuth2AccessToken token = context.getAccessToken();
    assertNull(token.getRefreshToken());
  }

    return expiryQueue.size();
  }

  public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication) {
    String key = authenticationKeyGenerator.extractKey(authentication);
    OAuth2AccessToken accessToken = authenticationToAccessTokenStore.get(key);
    if (accessToken != null
        && !key.equals(authenticationKeyGenerator.extractKey(readAuthentication(accessToken.getValue())))) {
      // Keep the stores consistent (maybe the same user is represented by this authentication but the details
      // have changed)
      storeAccessToken(accessToken, authentication);
    }
    return accessToken;

  public OAuth2AccessToken readAccessToken(String tokenValue) {
    return this.accessTokenStore.get(tokenValue);
  }

  public void removeAccessToken(String tokenValue) {
    OAuth2AccessToken removed = this.accessTokenStore.remove(tokenValue);
    this.accessTokenToRefreshTokenStore.remove(tokenValue);
    // Don't remove the refresh token - it's up to the caller to do that
    OAuth2Authentication authentication = this.authenticationStore.remove(tokenValue);
    if (authentication != null) {
      this.authenticationToAccessTokenStore.remove(authenticationKeyGenerator.extractKey(authentication));