Package org.springframework.security.oauth2.common.exceptions

Examples of org.springframework.security.oauth2.common.exceptions.UnauthorizedClientException


        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://foo.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth1 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth1 = new OAuth2Authentication(req1, mockAuth1);
       
        AuthenticationHolderEntity holder1 = new AuthenticationHolderEntity();
        holder1.setId(1L);
        holder1.setAuthentication(auth1);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(holder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        OAuth2Request req2 = new OAuth2Request(new HashMap<String, String>(), "client2", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://bar.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth2 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth2 = new OAuth2Authentication(req2, mockAuth2);
       
View Full Code Here


  @Override
  public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentication) throws AuthenticationException, InvalidClientException {
    if (authentication != null && authentication.getOAuth2Request() != null) {
      // look up our client
      OAuth2Request clientAuth = authentication.getOAuth2Request();

      ClientDetailsEntity client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());

      if (client == null) {
        throw new InvalidClientException("Client not found: " + clientAuth.getClientId());
      }

      OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();//accessTokenFactory.createNewAccessToken();

      // attach the client
      token.setClient(client);

      // inherit the scope from the auth, but make a new set so it is
      //not unmodifiable. Unmodifiables don't play nicely with Eclipselink, which
      //wants to use the clone operation.
      Set<String> scopes = Sets.newHashSet(clientAuth.getScope());
      // remove any of the special system scopes
      scopes = scopeService.removeRestrictedScopes(scopes);
      token.setScope(scopes);

      // make it expire if necessary
      if (client.getAccessTokenValiditySeconds() != null && client.getAccessTokenValiditySeconds() > 0) {
        Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
        token.setExpiration(expiration);
      }

      // attach the authorization so that we can look it up later
      AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity();
      authHolder.setAuthentication(authentication);
      authHolder = authenticationHolderRepository.save(authHolder);

      token.setAuthenticationHolder(authHolder);

      // attach a refresh token, if this client is allowed to request them and the user gets the offline scope
      if (client.isAllowRefresh() && scopes.contains(SystemScopeService.OFFLINE_ACCESS)) {
        OAuth2RefreshTokenEntity refreshToken = new OAuth2RefreshTokenEntity(); //refreshTokenFactory.createNewRefreshToken();
        JWTClaimsSet refreshClaims = new JWTClaimsSet();


        // make it expire if necessary
        if (client.getRefreshTokenValiditySeconds() != null) {
          Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L));
          refreshToken.setExpiration(expiration);
          refreshClaims.setExpirationTime(expiration);
        }

        // set a random identifier
        refreshClaims.setJWTID(UUID.randomUUID().toString());

        // TODO: add issuer fields, signature to JWT

        PlainJWT refreshJwt = new PlainJWT(refreshClaims);
        refreshToken.setJwt(refreshJwt);

        //Add the authentication
        refreshToken.setAuthenticationHolder(authHolder);
        refreshToken.setClient(client);



        // save the token first so that we can set it to a member of the access token (NOTE: is this step necessary?)
        OAuth2RefreshTokenEntity savedRefreshToken = tokenRepository.saveRefreshToken(refreshToken);

        token.setRefreshToken(savedRefreshToken);
      }
     
      OAuth2AccessTokenEntity enhancedToken = (OAuth2AccessTokenEntity) tokenEnhancer.enhance(token, authentication);

      OAuth2AccessTokenEntity savedToken = tokenRepository.saveAccessToken(enhancedToken);

      //Add approved site reference, if any
      OAuth2Request originalAuthRequest = authHolder.getAuthentication().getOAuth2Request();

      if (originalAuthRequest.getExtensions() != null && originalAuthRequest.getExtensions().containsKey("approved_site")) {

        Long apId = (Long) originalAuthRequest.getExtensions().get("approved_site");
        ApprovedSite ap = approvedSiteService.getById(apId);
        Set<OAuth2AccessTokenEntity> apTokens = ap.getApprovedAccessTokens();
        apTokens.add(savedToken);
        ap.setApprovedAccessTokens(apTokens);
        approvedSiteService.save(ap);
View Full Code Here

        assertThat(savedSites.get(1).getApprovedAccessTokens().size(), equalTo(site2.getApprovedAccessTokens().size()));
    }
   
    @Test
    public void testImportAuthenticationHolders() throws IOException {
        OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://foo.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth1 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth1 = new OAuth2Authentication(req1, mockAuth1);
       
        AuthenticationHolderEntity holder1 = new AuthenticationHolderEntity();
        holder1.setId(1L);
        holder1.setAuthentication(auth1);
       
        OAuth2Request req2 = new OAuth2Request(new HashMap<String, String>(), "client2", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://bar.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth2 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth2 = new OAuth2Authentication(req2, mockAuth2);
       
View Full Code Here

        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://foo.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth1 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth1 = new OAuth2Authentication(req1, mockAuth1);
       
        AuthenticationHolderEntity holder1 = new AuthenticationHolderEntity();
        holder1.setId(1L);
        holder1.setAuthentication(auth1);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(holder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        OAuth2Request req2 = new OAuth2Request(new HashMap<String, String>(), "client2", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://bar.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth2 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth2 = new OAuth2Authentication(req2, mockAuth2);
       
View Full Code Here

  private static final String USERNAME = "username";

  public String extractKey(OAuth2Authentication authentication) {
    Map<String, String> values = new LinkedHashMap<String, String>();
    OAuth2Request authorizationRequest = authentication.getOAuth2Request();
    if (!authentication.isClientOnly()) {
      values.put(USERNAME, authentication.getName());
    }
    values.put(CLIENT_ID, authorizationRequest.getClientId());
    if (authorizationRequest.getScope() != null) {
      values.put(SCOPE, OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
    }
    MessageDigest digest;
    try {
      digest = MessageDigest.getInstance("MD5");
    }
View Full Code Here

    refreshToken = Mockito.mock(OAuth2RefreshTokenEntity.class);
    Mockito.when(tokenRepository.getRefreshTokenByValue(refreshTokenValue)).thenReturn(refreshToken);
    Mockito.when(refreshToken.getClient()).thenReturn(client);
    Mockito.when(refreshToken.isExpired()).thenReturn(false);

    tokenRequest = new TokenRequest(null, clientId, null, null);

    storedAuthentication = authentication;
    storedAuthRequest = clientAuth;
    storedAuthHolder = Mockito.mock(AuthenticationHolderEntity.class);
    storedScope = Sets.newHashSet(scope);
View Full Code Here

    return newClient;
  }
 
  private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) {
   
    OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
    OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());
   
    if (config.getRegTokenLifeTime() != null) {
   
      try {
        // Re-issue the token if it has been issued before [currentTime - validity]
View Full Code Here

    return newClient;
  }
 
  private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) {
   
    OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
    OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());
   
    if (config.getRegTokenLifeTime() != null) {
   
      try {
        // Re-issue the token if it has been issued before [currentTime - validity]
View Full Code Here

    @EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
    private static class GlobalSecurityConfiguration extends GlobalMethodSecurityConfiguration {<% if (authenticationType == 'token') { %>

        @Override
        protected MethodSecurityExpressionHandler createExpressionHandler() {
            return new OAuth2MethodSecurityExpressionHandler();
        }<% } %>
View Full Code Here

  private OAuth2RequestFactory defaultOAuth2RequestFactory;

  public void afterPropertiesSet() throws Exception {
    Assert.state(tokenGranter != null, "TokenGranter must be provided");
    Assert.state(clientDetailsService != null, "ClientDetailsService must be provided");
    defaultOAuth2RequestFactory = new DefaultOAuth2RequestFactory(getClientDetailsService());
    if (oAuth2RequestFactory == null) {
      oAuth2RequestFactory = defaultOAuth2RequestFactory;
    }
  }
View Full Code Here

TOP

Related Classes of org.springframework.security.oauth2.common.exceptions.UnauthorizedClientException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.