Package org.springframework.security.oauth2.provider

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication


  /**
   * Convenience overload that reads the authentication associated with a refresh token object.
   *
   * <p>Only the token's string value is used; the lookup itself is done by the
   * {@code String} overload of this method.
   *
   * @param token the refresh token; dereferenced without a null check, so it must not be null
   * @return whatever the {@code String} overload returns for {@code token.getValue()}
   */
  public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token) {
    final String tokenValue = token.getValue();
    return readAuthenticationForRefreshToken(tokenValue);
  }

  public OAuth2Authentication readAuthenticationForRefreshToken(String value) {
    OAuth2Authentication authentication = null;

    try {
      authentication = jdbcTemplate.queryForObject(selectRefreshTokenAuthenticationSql,
          new RowMapper<OAuth2Authentication>() {
            public OAuth2Authentication mapRow(ResultSet rs, int rowNum) throws SQLException {


  }

  @Override
  public void removeAccessToken(OAuth2AccessToken token) {
    if (approvalStore != null) {
      OAuth2Authentication auth = readAuthentication(token);
      String clientId = auth.getOAuth2Request().getClientId();
      Authentication user = auth.getUserAuthentication();
      if (user != null) {
        Collection<Approval> approvals = new ArrayList<Approval>();
        for (String scope : auth.getOAuth2Request().getScope()) {
          approvals.add(new Approval(user.getName(), clientId, scope, new Date(), ApprovalStatus.APPROVED));
        }
        approvalStore.revokeApprovals(approvals);
      }
    }

  public OAuth2RefreshToken readRefreshToken(String tokenValue) {
    OAuth2AccessToken encodedRefreshToken = readAccessToken(tokenValue);
    ExpiringOAuth2RefreshToken refreshToken = new DefaultExpiringOAuth2RefreshToken(encodedRefreshToken.getValue(),
        encodedRefreshToken.getExpiration());
    if (approvalStore != null) {
      OAuth2Authentication authentication = readAuthentication(tokenValue);
      if (authentication.getUserAuthentication() != null) {
        String userId = authentication.getUserAuthentication().getName();
        String clientId = authentication.getOAuth2Request().getClientId();
        Collection<Approval> approvals = approvalStore.getApprovals(userId, clientId);
        Collection<String> approvedScopes = new HashSet<String>();
        for (Approval approval : approvals) {
          if (approval.isApproved()) {
            approvedScopes.add(approval.getScope());
          }
        }
        if (!approvedScopes.containsAll(authentication.getOAuth2Request().getScope())) {
          return null;
        }
      }
    }
    return refreshToken;

    this.jwtTokenEnhancer = tokenEnhancer;
  }

  private void remove(String token) {
    if (approvalStore != null) {
      OAuth2Authentication auth = readAuthentication(token);
      String clientId = auth.getOAuth2Request().getClientId();
      Authentication user = auth.getUserAuthentication();
      if (user != null) {
        Collection<Approval> approvals = new ArrayList<Approval>();
        for (String scope : auth.getOAuth2Request().getScope()) {
          approvals.add(new Approval(user.getName(), clientId, scope, new Date(), ApprovalStatus.APPROVED));
        }
        approvalStore.revokeApprovals(approvals);
      }
    }

    return code;
  }

  /**
   * Exchanges an authorization code for the authentication that was stored under it.
   *
   * <p>The lookup goes through {@code remove(code)}, so the code is taken out of the store as
   * part of this call rather than merely read. Presumably this is what makes a code single-use;
   * confirm against the concrete {@code remove} implementation, which is not visible here.
   *
   * @param code the authorization code presented by the client
   * @return the authentication that {@code remove(code)} returned; never null
   * @throws InvalidGrantException if {@code remove(code)} returns null
   */
  public OAuth2Authentication consumeAuthorizationCode(String code)
      throws InvalidGrantException {
    final OAuth2Authentication stored = this.remove(code);
    if (stored != null) {
      return stored;
    }
    // NOTE(review): the caller-supplied code is echoed into the exception message. Where this
    // message ends up (error response, logs) is decided by the caller's exception handling and
    // is not visible here; treat it as untrusted text wherever it is rendered or logged.
    throw new InvalidGrantException("Invalid authorization code: " + code);
  }

    if (authorizationCode == null) {
      throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
      throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
    // https://jira.springsource.org/browse/SECOAUTH-333
    // This might be null, if the authorization was done without the redirect_uri parameter
    String redirectUriApprovalParameter = pendingOAuth2Request.getRequestParameters().get(
        OAuth2Utils.REDIRECT_URI);

    if ((redirectUri != null || redirectUriApprovalParameter != null)
        && !pendingOAuth2Request.getRedirectUri().equals(redirectUri)) {
      throw new RedirectMismatchException("Redirect URI mismatch.");
    }

    String pendingClientId = pendingOAuth2Request.getClientId();
    String clientId = tokenRequest.getClientId();
    if (clientId != null && !clientId.equals(pendingClientId)) {
      // just a sanity check.
      throw new InvalidClientException("Client ID mismatch");
    }

    // Secret is not required in the authorization request, so it won't be available
    // in the pendingAuthorizationRequest. We do want to check that a secret is provided
    // in the token request, but that happens elsewhere.

    Map<String, String> combinedParameters = new HashMap<String, String>(pendingOAuth2Request
        .getRequestParameters());
    // Combine the parameters adding the new ones last so they override if there are any clashes
    combinedParameters.putAll(parameters);
   
    // Make a new stored request with the combined parameters
    OAuth2Request finalStoredOAuth2Request = pendingOAuth2Request.createOAuth2Request(combinedParameters);
   
    Authentication userAuth = storedAuth.getUserAuthentication();
   
    return new OAuth2Authentication(finalStoredOAuth2Request, userAuth);

  }

    this.authorizationCodeStore.put(code, authentication);
  }

  /**
   * Removes the entry stored under the given authorization code and hands it back.
   *
   * <p>Lookup and deletion are a single {@code remove} call on {@code authorizationCodeStore}
   * rather than a read followed by a delete. Whether that call is atomic under concurrent
   * redemption depends on the store's type, which is declared outside this excerpt.
   *
   * @param code the authorization code whose entry should be removed
   * @return the value returned by the store's {@code remove} call (presumably null when no
   *     entry exists for {@code code}; confirm against the store's type)
   */
  @Override
  public OAuth2Authentication remove(String code) {
    return this.authorizationCodeStore.remove(code);
  }

  public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
      throws AuthenticationException, IOException, ServletException {

    OAuth2AccessToken accessToken = restTemplate.getAccessToken();
    try {
      OAuth2Authentication result = tokenServices.loadAuthentication(accessToken.getValue());
      if (authenticationDetailsSource!=null) {
        request.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, accessToken.getValue());
        result.setDetails(authenticationDetailsSource.buildDetails(request));
      }
      return result;
    }
    catch (InvalidTokenException e) {
      throw new BadCredentialsException("Could not obtain user details from token", e);

    if (!(authentication instanceof OAuth2Authentication)) {
      return result;
    }

    OAuth2Authentication oauth2Authentication = (OAuth2Authentication) authentication;
    OAuth2Request clientAuthentication = oauth2Authentication.getOAuth2Request();
    ClientDetails client = clientDetailsService.loadClientByClientId(clientAuthentication.getClientId());
    Set<String> scopes = clientAuthentication.getScope();
    if (oauth2Authentication.isClientOnly() && clientAuthoritiesAreScopes) {
      scopes = AuthorityUtils.authorityListToSet(clientAuthentication.getAuthorities());
    }

    for (ConfigAttribute attribute : attributes) {
      if (this.supports(attribute)) {

        new Object[] { code, new SqlLobValue(SerializationUtils.serialize(authentication)) }, new int[] {
            Types.VARCHAR, Types.BLOB });
  }

  public OAuth2Authentication remove(String code) {
    OAuth2Authentication authentication;

    try {
      authentication = jdbcTemplate.queryForObject(selectAuthenticationSql,
          new RowMapper<OAuth2Authentication>() {
            public OAuth2Authentication mapRow(ResultSet rs, int rowNum)
