Package org.springframework.security.oauth2.provider

Examples of org.springframework.security.oauth2.provider.ClientDetails


    return tokenRequest.createOAuth2Request(client);
  }

  private Set<String> extractScopes(Map<String, String> requestParameters, String clientId) {
    Set<String> scopes = OAuth2Utils.parseParameterList(requestParameters.get(OAuth2Utils.SCOPE));
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);

    if ((scopes == null || scopes.isEmpty())) {
      // If no scopes are specified in the incoming data, use the default values registered with the client
      // (the spec allows us to choose between this option and rejecting the request completely, so we'll take the
      // least obnoxious choice as a default).
      scopes = clientDetails.getScope();
    }

    if (checkUserScopes) {
      scopes = checkUserScopes(scopes, clientDetails);
    }
View Full Code Here


    if (!this.grantType.equals(grantType)) {
      return null;
    }
   
    String clientId = tokenRequest.getClientId();
    ClientDetails client = clientDetailsService.loadClientByClientId(clientId);
    validateGrantType(grantType, client);
   
    logger.debug("Getting access token for: " + clientId);

    return getAccessToken(client, tokenRequest);
View Full Code Here

public class InMemoryClientDetailsService implements ClientDetailsService {

  private Map<String, ClientDetails> clientDetailsStore = new HashMap<String, ClientDetails>();

  public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {
    ClientDetails details = clientDetailsStore.get(clientId);
    if (details == null) {
      throw new NoSuchClientException("No client with requested id: " + clientId);
    }
    return details;
  }
View Full Code Here

  public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
    this.passwordEncoder = passwordEncoder;
  }

  public ClientDetails loadClientByClientId(String clientId) throws InvalidClientException {
    ClientDetails details;
    try {
      details = jdbcTemplate.queryForObject(selectClientDetailsSql, new ClientDetailsRowMapper(), clientId);
    }
    catch (EmptyResultDataAccessException e) {
      throw new NoSuchClientException("No client with requested id: " + clientId);
View Full Code Here

  public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
    this.emptyPassword = passwordEncoder.encode("");
  }

  public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(username);
    String clientSecret = clientDetails.getClientSecret();
    if (clientSecret== null || clientSecret.trim().length()==0) {
      clientSecret = emptyPassword;
    }
    return new User(username, clientSecret, clientDetails.getAuthorities());
  }
View Full Code Here

   * @param authorizationRequest the current authorization request
   * @return the access token validity period in seconds
   */
  protected int getAccessTokenValiditySeconds(OAuth2Request clientAuth) {
    if (clientDetailsService != null) {
      ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
      Integer validity = client.getAccessTokenValiditySeconds();
      if (validity != null) {
        return validity;
      }
    }
    return accessTokenValiditySeconds;
View Full Code Here

   * @param authorizationRequest the current authorization request
   * @return the refresh token validity period in seconds
   */
  protected int getRefreshTokenValiditySeconds(OAuth2Request clientAuth) {
    if (clientDetailsService != null) {
      ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
      Integer validity = client.getRefreshTokenValiditySeconds();
      if (validity != null) {
        return validity;
      }
    }
    return refreshTokenValiditySeconds;
View Full Code Here

   * @param authorizationRequest the current authorization request
   * @return boolean to indicate if refresh token is supported
   */
  protected boolean isSupportRefreshToken(OAuth2Request clientAuth) {
    if (clientDetailsService != null) {
      ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
      return client.getAuthorizedGrantTypes().contains("refresh_token");
    }
    return this.supportRefreshToken;
  }
View Full Code Here

      if (!(principal instanceof Authentication) || !((Authentication) principal).isAuthenticated()) {
        throw new InsufficientAuthenticationException(
            "User must be authenticated with Spring Security before authorization can be completed.");
      }

      ClientDetails client = getClientDetailsService().loadClientByClientId(authorizationRequest.getClientId());

      // The resolved redirect URI is either the redirect_uri from the parameters or the one from
      // clientDetails. Either way we need to store it on the AuthorizationRequest.
      String redirectUriParameter = authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);
      String resolvedRedirect = redirectResolver.resolveRedirect(redirectUriParameter, client);
View Full Code Here

  @Test
  public void testClientDetailsFromNonPropertyFile() {

    // valid client details NOT from property file
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId("my-client-id-non-property-file");
    assertNotNull(clientDetailsService);
    assertEquals("my-client-id-non-property-file", clientDetails.getClientId());
    assertEquals("my-client-secret-non-property-file", clientDetails.getClientSecret());

    Set<String> grantTypes = clientDetails.getAuthorizedGrantTypes();
    assertNotNull(grantTypes);
    assertEquals(2, grantTypes.size());
    assertTrue(grantTypes.contains("password"));
    assertTrue(grantTypes.contains("authorization_code"));

    Set<String> scopes = clientDetails.getScope();
    assertNotNull(scopes);
    assertEquals(2, scopes.size());
    assertTrue(scopes.contains("scope1"));
    assertTrue(scopes.contains("scope2"));

    Collection<GrantedAuthority> authorities = clientDetails.getAuthorities();
    assertNotNull(authorities);
    assertEquals(2, authorities.size());
    assertTrue(AuthorityUtils.authorityListToSet(authorities).contains("ROLE_USER"));
    assertTrue(AuthorityUtils.authorityListToSet(authorities).contains("ROLE_ANONYMOUS"));
  }
View Full Code Here

TOP

Related Classes of org.springframework.security.oauth2.provider.ClientDetails

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.