Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

• org.springframework.security.oauth2.provider.AuthorizationRequest
  A request for authorization by an OAuth 2 Client, normally received and processed by the AuthorizationEndpoint. This class is meant to be manipulated throughout the authorization process, and is therefore treated as ephemeral and not to be stored long term. For long term storage, use the read-only {@link OAuth2Request} class.HTTP request parameters are stored in the parameters map, and any processing the server makes throughout the lifecycle of a request are stored on individual properties. The original request parameters will remain available through the parameters map. For convenience, constants are defined in order to get at those original values. However, the parameters map is unmodifiable so that processing cannot drop the original values. This class is {@link Serializable} in order to support storage of theauthorization request as a {@link SessionAttributes} member while the enduser through the authorization process (which may span several page requests). @author Ryan Heaton @author Dave Syer @author Amanda Anganes

   * Ensure that if the approval endpoint is called without a resolved redirect URI, the request fails.
   * @throws Exception
   */
  @Test(expected = InvalidRequestException.class)
  public void testApproveOrDenyWithOAuth2RequestWithoutRedirectUri() throws Exception {
    AuthorizationRequest request = getAuthorizationRequest("foo", null, null, null, Collections.singleton("code"));
    request.setApproved(true);
    Map<String, String> approvalParameters = new HashMap<String, String>();
    approvalParameters.put("user_oauth_approval", "true");
    model.put("authorizationRequest", request);
    endpoint.approveOrDeny(approvalParameters, model, sessionStatus, principal);

  @Test
  public void testBasicApproval() {
    HashMap<String, String> parameters = new HashMap<String, String>();
    parameters.put(OAuth2Utils.USER_OAUTH_APPROVAL, "true");
    AuthorizationRequest request = new AuthorizationRequest(parameters, null, null, null, null, null, false, null, null, null);
    request.setApproved(true); // This is enough to be explicitly approved
    assertTrue(handler.isApproved(request , new TestAuthentication("marissa", true)));
  }

  @Test
  public void testMemorizedApproval() {
    HashMap<String, String> parameters = new HashMap<String, String>();
    parameters.put(OAuth2Utils.USER_OAUTH_APPROVAL, "false");
    parameters.put("client_id", "foo");
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(parameters, null, "foo", null, null, null, false, null, null, null);
    authorizationRequest.setApproved(false);
    TestAuthentication userAuthentication = new TestAuthentication("marissa", true);
    OAuth2Request storedOAuth2Request = requestFactory.createOAuth2Request(authorizationRequest);

    tokenServices.createAccessToken(new OAuth2Authentication(storedOAuth2Request, userAuthentication));
    authorizationRequest = handler.checkForPreApproval(authorizationRequest, userAuthentication);

    for (String clientId : clientIds.keySet()) {
      Map<String, Set<String>> users = clientIds.get(clientId);
      for (String userId : users.keySet()) {
        Authentication user = new UsernamePasswordAuthenticationToken(userId, "N/A", AuthorityUtils.commaSeparatedStringToAuthorityList("USER"));
        AuthorizationRequest authorizationRequest = new AuthorizationRequest();
        authorizationRequest.setClientId(clientId);
        Set<String> scopes = users.get(userId);
        authorizationRequest.setScope(scopes);
        OAuth2Request request = authorizationRequest.createOAuth2Request();
        OAuth2Authentication authentication = new OAuth2Authentication(request, user);
        DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
        token.setScope(scopes);
        tokenStore.storeAccessToken(token, authentication);
      }

  private DefaultUserApprovalHandler handler = new DefaultUserApprovalHandler();

  @Test
  public void testBasicApproval() {
    AuthorizationRequest request = new AuthorizationRequest(new HashMap<String, String>(), null, null, null, null, null, false, null, null, null);
    request.setApproved(true); // This is enough to be explicitly approved
    assertTrue(handler.isApproved(request, new TestAuthentication("marissa", true)));
  }

        AuthorityUtils.commaSeparatedStringToAuthorityList("USER"));
  }

  @Test
  public void testExplicitlyApprovedScopes() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    authorizationRequest.setApprovalParameters(Collections.singletonMap("scope.read", "approved"));
    AuthorizationRequest result = handler.updateAfterApproval(authorizationRequest, userAuthentication);
    assertTrue(handler.isApproved(result, userAuthentication));
    assertEquals(1, store.getApprovals("user", "client").size());
    assertEquals(1, result.getScope().size());
    assertTrue(result.isApproved());
  }

    assertTrue(result.isApproved());
  }

  @Test
  public void testImplicitlyDeniedScope() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read", "write"));
    authorizationRequest.setApprovalParameters(Collections.singletonMap("scope.read", "approved"));
    AuthorizationRequest result = handler.updateAfterApproval(authorizationRequest, userAuthentication);
    assertTrue(handler.isApproved(result, userAuthentication));
    Collection<Approval> approvals = store.getApprovals("user", "client");
    assertEquals(2, approvals.size());
    approvals.contains(new Approval("user", "client", "read", new Date(), Approval.ApprovalStatus.APPROVED));
    approvals.contains(new Approval("user", "client", "write", new Date(), Approval.ApprovalStatus.DENIED));
    assertEquals(1, result.getScope().size());
  }

  @Test
  public void testExplicitlyPreapprovedScopes() {
    store.addApprovals(Arrays.asList(new Approval("user", "client", "read", new Date(
        System.currentTimeMillis() + 10000), Approval.ApprovalStatus.APPROVED)));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
  }

  public void testAutoapprovedScopes() {
    handler.setClientDetailsService(clientDetailsService);
    BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
    client.setAutoApproveScopes(new HashSet<String>(Arrays.asList("read")));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
  }

  public void testAutoapprovedWildcardScopes() {
    handler.setClientDetailsService(clientDetailsService);
    BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
    client.setAutoApproveScopes(new HashSet<String>(Arrays.asList(".*")));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
  }