Package org.springframework.security.oauth2.common

Examples of org.springframework.security.oauth2.common.OAuth2AccessToken

51
52
53
54
55
56
57
58
59
60
61
62
        result.setValue("I'mEnhanced");
        return result;
      }
    });

    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    assertTrue(accessToken.getValue().startsWith("I'mEnhanced"));
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(
        accessToken.getRefreshToken().getValue(), tokenRequest);
    assertTrue(refreshedAccessToken.getValue().startsWith("I'mEnhanced"));
  }
View Full Code Here
62
63
64
65
66
67
68
69
70
71
72
73
74
  }

  @Test
  public void testOneAccessTokenPerAuthentication() throws Exception {
    OAuth2Authentication authentication = createAuthentication();
    OAuth2AccessToken first = getTokenServices().createAccessToken(authentication);
    assertEquals(1, getAccessTokenCount());
    assertEquals(1, getRefreshTokenCount());
    OAuth2AccessToken second = getTokenServices().createAccessToken(authentication);
    assertEquals(first, second);
    assertEquals(1, getAccessTokenCount());
    assertEquals(1, getRefreshTokenCount());
  }
View Full Code Here
90
91
92
93
94
95
96
97
98
99
100
101
102
  }

  @Test
  public void testRefreshTokenMaintainsState() throws Exception {
    getTokenServices().setSupportRefreshToken(true);
    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    OAuth2RefreshToken expectedExpiringRefreshToken = accessToken.getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(
        expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertNotNull(refreshedAccessToken);
    assertEquals(1, getAccessTokenCount());
  }
View Full Code Here
103
104
105
106
107
108
109
110
111
112
113
114
115
  @Test
  public void testNotReuseRefreshTokenMaintainsState() throws Exception {
    getTokenServices().setSupportRefreshToken(true);
    getTokenServices().setReuseRefreshToken(false);
    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    OAuth2RefreshToken expectedExpiringRefreshToken = accessToken.getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(
        expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertNotNull(refreshedAccessToken);
    assertEquals(1, getRefreshTokenCount());
  }
View Full Code Here
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
    TestChangeAuthentication testAuthentication = new TestChangeAuthentication("test2", false,
        new SimpleGrantedAuthority("USER"));
    OAuth2Authentication oauth2Authentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request(
        "id", false, Collections.singleton("read")), testAuthentication);

    OAuth2AccessToken createAccessToken = getTokenServices().createAccessToken(oauth2Authentication);
    // First time. The Authentication has 2 roles;
    assertEquals(testAuthentication.getAuthorities(),
        getTokenServices().loadAuthentication(createAccessToken.getValue()).getAuthorities());
    // Now I change the authorities from testAuthentication
    testAuthentication = new TestChangeAuthentication("test2", false, new SimpleGrantedAuthority("NONE"));
    // I recreate the request
    oauth2Authentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false,
        Collections.singleton("read")), testAuthentication);
    // I create the authentication again
    createAccessToken = getTokenServices().createAccessToken(oauth2Authentication);
    assertEquals(testAuthentication.getAuthorities(),
        getTokenServices().loadAuthentication(createAccessToken.getValue()).getAuthorities());

  }
View Full Code Here
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
  @Test
  @OAuth2ContextConfiguration(ResourceOwnerWriteOnly.class)
  public void testRevokeTokenByUser() throws Exception {

    OAuth2AccessToken token = context.getAccessToken();
    String tokenValueBeforeDeletion = token.getValue();

    HttpHeaders headers = new HttpHeaders();
    headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));

    HttpEntity<?> request = new HttpEntity<Void>(headers);
    assertEquals(
        HttpStatus.NO_CONTENT,
        serverRunning
            .getRestTemplate()
            .exchange(serverRunning.getUrl("/sparklr2/oauth/users/{user}/tokens/{token}"),
                HttpMethod.DELETE, request, Void.class, "marissa", token.getValue()).getStatusCode());
    try {
      // The request above will delete the oauth token so that the next request will initially fail. However,
      // the failure will be detected and a new access token will be obtained.  The new access token
      // only has "write" scope and the requested resource needs "read" scope.  So, an insufficient_scope
      // exception should be thrown.
View Full Code Here
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
   * tests a happy-day flow of the refresh token provider.
   */
  @Test
  public void testHappyDay() throws Exception {

    OAuth2AccessToken accessToken = getAccessToken("read", "my-trusted-client");

    // now use the refresh token to get a new access token.
    assertNotNull(accessToken.getRefreshToken());
    OAuth2AccessToken newAccessToken = refreshAccessToken(accessToken.getRefreshToken().getValue());
    assertFalse(newAccessToken.getValue().equals(accessToken.getValue()));

    // make sure the new access token can be used.
    verifyTokenResponse(newAccessToken.getValue(), HttpStatus.OK);
    // make sure the old access token isn't valid anymore.
    verifyTokenResponse(accessToken.getValue(), HttpStatus.UNAUTHORIZED);

  }
View Full Code Here
63
64
65
66
67
68
69
70
71
72
    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> response = serverRunning.postForMap("/sparklr2/oauth/token", headers, formData);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    assertTrue("Wrong cache control: " + response.getHeaders().getFirst("Cache-Control"), response.getHeaders().getFirst("Cache-Control").contains("no-store"));
    @SuppressWarnings("unchecked")
    OAuth2AccessToken newAccessToken = DefaultOAuth2AccessToken.valueOf(response.getBody());
    return newAccessToken;

  }
View Full Code Here
78
79
80
81
82
83
84
85
86
    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> response = serverRunning.postForMap("/sparklr2/oauth/token", headers, formData);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    assertTrue("Wrong cache control: " + response.getHeaders().getFirst("Cache-Control"), response.getHeaders().getFirst("Cache-Control").contains("no-store"));

    @SuppressWarnings("unchecked")
    OAuth2AccessToken accessToken = DefaultOAuth2AccessToken.valueOf(response.getBody());
    return accessToken;
  }
View Full Code Here
66
67
68
69
70
71
72
73
74
75
76
        client.setRefreshTokenValiditySeconds(100);
        client.setAuthorizedGrantTypes(Arrays.asList("authorization_code", "refresh_token"));
        return client;
      }
    });
    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    DefaultExpiringOAuth2RefreshToken refreshToken = (DefaultExpiringOAuth2RefreshToken) accessToken
        .getRefreshToken();
    Date expectedExpiryDate = new Date(System.currentTimeMillis() + 102 * 1000L);
    assertTrue(expectedExpiryDate.after(refreshToken.getExpiration()));
  }
 
View Full Code Here
TOP

Related Classes of org.springframework.security.oauth2.common.OAuth2AccessToken

  • client.ClientServerInteractionTests
  • com.springsource.greenhouse.settings.SettingsControllerTest
  • demo.Application
  • demo.Application$OAuth2Config
  • demo.Application$TokenEndpointSecurity
  • demo.ClientCredentialsProviderTests
  • OAuth2AuthenticationReadConverter
  • org.codehaus.jackson.map.ObjectMapper
  • org.mitre.oauth2.introspectingfilter.IntrospectingTokenService
  • org.mitre.oauth2.repository.impl.JpaAuthorizationCodeRepository
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.