Examples of org.springframework.security.oauth2.common.OAuth2AccessToken

• org.springframework.security.oauth2.common.OAuth2AccessToken
  @author Dave Syer

   * tests a happy-day flow of the refresh token provider.
   */
  @Test
  public void testHappyDay() throws Exception {

    OAuth2AccessToken accessToken = getAccessToken("read write", "my-trusted-client");

    // now use the refresh token to get a new access token.
    assertNotNull(accessToken.getRefreshToken());
    OAuth2AccessToken newAccessToken = refreshAccessToken(accessToken.getRefreshToken().getValue());
    assertFalse(newAccessToken.getValue().equals(accessToken.getValue()));

    verifyAccessTokens(accessToken, newAccessToken);

  }

    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> response = http.postForMap(tokenPath(), headers, formData);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    assertTrue("Wrong cache control: " + response.getHeaders().getFirst("Cache-Control"), response.getHeaders()
        .getFirst("Cache-Control").contains("no-store"));
    @SuppressWarnings("unchecked")
    OAuth2AccessToken newAccessToken = DefaultOAuth2AccessToken.valueOf(response.getBody());
    return newAccessToken;

  }

    ResponseEntity<Map> response = http.postForMap(tokenPath(), headers, formData);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    assertTrue("Wrong cache control: " + response.getHeaders().getFirst("Cache-Control"), response.getHeaders()
        .getFirst("Cache-Control").contains("no-store"));

    @SuppressWarnings("unchecked")
    OAuth2AccessToken accessToken = DefaultOAuth2AccessToken.valueOf(response.getBody());
    return accessToken;
  }

public class ResourceOwnerPasswordProviderTests extends AbstractResourceOwnerPasswordProviderTests {

  @Test
  @OAuth2ContextConfiguration(ResourceOwner.class)
  public void testCheckToken() throws Exception {
    OAuth2AccessToken token = context.getAccessToken();
    HttpHeaders headers = new HttpHeaders();
    headers.set("Content-Type", MediaType.APPLICATION_FORM_URLENCODED_VALUE);
    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> response = new TestRestTemplate("my-client-with-secret", "secret").exchange(http
        .getUrl(checkTokenPath()), HttpMethod.POST, new HttpEntity<String>("token=" + token.getValue(),
        headers), Map.class);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    @SuppressWarnings("unchecked")
    Map<String, Object> map = (Map<String, Object>) response.getBody();
    assertTrue(map.containsKey(AccessTokenConverter.EXP));

   * tests the check_token endpoint
   */
  @Test
  @OAuth2ContextConfiguration(ClientCredentials.class)
  public void testCheckToken() throws Exception {
    OAuth2AccessToken token = context.getAccessToken();
    HttpHeaders headers = new HttpHeaders();
    headers.set("Content-Type", MediaType.APPLICATION_FORM_URLENCODED_VALUE);
    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> response = new TestRestTemplate("my-client-with-secret", "secret").exchange(http
        .getUrl(checkTokenPath()), HttpMethod.POST,
        new HttpEntity<String>("token=" + token.getValue(), headers), Map.class);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    @SuppressWarnings("unchecked")
    Map<String, Object> map = (Map<String, Object>) response.getBody();
    assertTrue(map.containsKey(AccessTokenConverter.EXP));
    assertEquals("my-client-with-secret", map.get(AccessTokenConverter.CLIENT_ID));

   * tests a happy-day flow of the refresh token provider.
   */
  @Test
  public void testHappyDay() throws Exception {

    OAuth2AccessToken accessToken = getAccessToken("read write", "my-trusted-client");

    // now use the refresh token to get a new access token.
    assertNotNull(accessToken.getRefreshToken());
    OAuth2AccessToken newAccessToken = refreshAccessToken(accessToken.getRefreshToken().getValue());
    assertFalse(newAccessToken.getValue().equals(accessToken.getValue()));

    verifyAccessTokens(accessToken, newAccessToken);

  }

    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> response = http.postForMap(tokenPath(), headers, formData);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    assertTrue("Wrong cache control: " + response.getHeaders().getFirst("Cache-Control"), response.getHeaders()
        .getFirst("Cache-Control").contains("no-store"));
    @SuppressWarnings("unchecked")
    OAuth2AccessToken newAccessToken = DefaultOAuth2AccessToken.valueOf(response.getBody());
    return newAccessToken;

  }

    ResponseEntity<Map> response = http.postForMap(tokenPath(), headers, formData);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    assertTrue("Wrong cache control: " + response.getHeaders().getFirst("Cache-Control"), response.getHeaders()
        .getFirst("Cache-Control").contains("no-store"));

    @SuppressWarnings("unchecked")
    OAuth2AccessToken accessToken = DefaultOAuth2AccessToken.valueOf(response.getBody());
    return accessToken;
  }

  }

  @Test
  public void readAccessToken() throws IOException {
    when(inputMessage.getBody()).thenReturn(createInputStream(OAUTH_ACCESSTOKEN));
    OAuth2AccessToken token = converter.read(OAuth2AccessToken.class, inputMessage);
    assertTokenEquals(accessToken,token);
  }

  @Test
  public void readAccessTokenNoRefresh() throws IOException {
    accessToken.setRefreshToken(null);
    when(inputMessage.getBody()).thenReturn(createInputStream(OAUTH_ACCESSTOKEN_NOREFRESH));
    OAuth2AccessToken token = converter.read(OAuth2AccessToken.class, inputMessage);
    assertTokenEquals(accessToken,token);
  }